Rehber HijackThis Log Paylaşımı ve Çözümleri

Cesar dedi:
revo uninstaller
Genişletmek için tıkla...
Revo ile bir şey kaldırmayın bu sistem dosyalarına zarar veren bir yazılım. Kullanmasını tam bilmeyenler için sorun teşkil eder.
chkdsk /f /r çalıştırın. Sonrasında sistem açılınca sfc /scannow çalıştırın.
 
@aidenfocus
Bunları fixleyin:
Kod: 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://vvv.joygame.com/games.aspx?g=2001
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [SuggestionsURL] = hxxp://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [SuggestionsURL_JSON] = hxxp://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [URL] = hxxp://vvv.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [SuggestionsURL] = hxxp://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [SuggestionsURL_JSON] = hxxp://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6E43EFE9-1785-408C-BBA2-08ED4B8C5C6D}: [URL] = hxxp://vvv.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5FcPortugueseode=qs&index=aps&field-keywords={searchTerms} - Amazon (UK) Search Suggestions
O4 - HKU\S-1-5-19\..\RunOnce: [OMENCC_InstallationBooster] = C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'Local service') (sign: 'HP Inc.')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [OMENCC_InstallationBooster] = C:\system.sav\util\OMENCC_InstallationBooster.exe (User 'Network service') (sign: 'HP Inc.')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{af539a70-ef72-11ed-a618-489ebd2accb0}\shell\AutoRun\command: (default) = D:\HiSuiteDownLoader.exe (file missing)

O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\\x01 MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\\x01 MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\\x01 MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - BITS Job: (download) {5D4AA69E-68AD-4CB3-BA2D-211410EDCEB8} - hxxps://vvv.google.com/dl/release2/chrome_component/acwcdm4bj7lx4xbm2ireywxlhvca_4.10.2710.0/oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 -> C:\Users\focus\AppData\Local\Temp\chrome_BITS_10100_1316965821\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3
O22 - BITS Job: (download) {A038556D-222D-4B9B-80E7-58193C7BBA0E} - hxxp://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acwcdm4bj7lx4xbm2ireywxlhvca_4.10.2710.0/oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 -> C:\Users\focus\AppData\Local\Temp\chrome_BITS_10804_2052589905\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3
O22 - BITS Job: (download) {BC678153-FFCA-4121-88F3-2E91296CD0A6} - hxxps://dl.google.com/release2/chrome_component/acwcdm4bj7lx4xbm2ireywxlhvca_4.10.2710.0/oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 -> C:\Users\focus\AppData\Local\Temp\chrome_BITS_11148_483035686\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3

O22 - Tasks_Migrated: (disabled) aidenfocus - C:\WINDOWS\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v aidenfocus /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" (sign: 'Microsoft')
O22 - Tasks_Migrated: ASC_PerformanceMonitor - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task (file missing)
O22 - Tasks_Migrated: ASC_SkipUac_aidenfocus - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (file missing)
O22 - Tasks_Migrated: Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\Scheduler.exe /scheduler (file missing)
O22 - Tasks_Migrated: Driver Booster SkipUAC (aidenfocus) - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\DriverBooster.exe /skipuac (file missing)
O22 - Tasks_Migrated: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\9.5.0\AutoUpdate.exe /auto (file missing)
O23 - Driver S3: cpuz150 - C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys (file missing)

Sürücü bulucu kullanmışsınız kullanmayın hiçbir zaman.
 
çok teşekkür ederim
 
Genel sistem performansını arttırmak için cevaplar mısınız?

Kod: 
Logfile of HiJackThis+ (Plus) build 2024-04-18 Alpha v.3.4.0.9

Platform:  x64 Windows 10 (Home Single Language), 10.0.19045.4780 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      24.08.2024 - 00:22 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    28186 MiB Free. Loading RAM (15 %), CPU (7 %)
Elevated:  Yes
Ran by:    BARIS    (group: Administrators; type: Local) on DESKTOP-UUCGUO0, FirstRun: yes

Chrome:  127.0.6533.120
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path
   4  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avpui.exe
   1  C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   7  C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   1  C:\Program Files (x86)\Steam\steam.exe
   1  C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   9  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\LGHUB\lghub_agent.exe
   1  C:\Program Files\LGHUB\lghub_updater.exe
   1  C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
   2  C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
   1  C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
   1  C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe
   1  C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24072.111.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   6  C:\Users\BARIS\AppData\Local\Discord\app-1.0.9159\Discord.exe
   1  C:\Users\BARIS\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  25  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe


O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\127.0.6533.120\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - Autorun.inf: E:\autorun.inf - open - sources\SetupError.exe x64 (file missing)
O4 - HKCU\..\Run: [Discord] = C:\Users\BARIS\AppData\Local\Discord\Update.exe --processStart Discord.exe (sign: 'Discord Inc.')
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FB3CE416330CF976E50BF9D7EB60672D] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (sign: 'Google LLC')
O4 - HKCU\..\Run: [KeyboardLeds.exe] = C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe (not signed - KARPOLAN - 6A39C612A152AFE9CDD5D4D78393F36DC06649A8)
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe --minimized (sign: 'Logitech Inc')
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2024/06/21) (sign: 'Tonec Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_01B5E43E01F651100BCAD52F0506BE4A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2024/06/21) (sign: 'Microsoft')
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cloudflare WARP.lnk    ->    C:\Program Files (x86)\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe (file missing) (2024/08/09)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [EnableLUA] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O15 - Trusted Zone: hxxps://istanbuledutr-files.sharepoint.com
O15 - Trusted Zone: hxxps://istanbuledutr-myfiles.sharepoint.com
O17 - DHCP DNS 1: 94.140.14.49
O17 - DHCP DNS 2: 94.140.14.59
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{8ABA123E-BE52-42A0-9CD4-15821EAA6210} - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Office\Office Serviceability Manager - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe /checkin (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" (sign: '')
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" (sign: '')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')
O22 - Tasks: NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe -minimized (sign: 'NVIDIA Corporation')
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O23 - Service R2: Cloudflare WARP - (CloudflareWARP) - C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe (sign: 'Cloudflare, Inc.')
O23 - Service R2: Kaspersky Hizmeti 21.18 - (AVP21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service (sign: 'Logitech Inc')
O23 - Service R2: NVIDIA Broadcast LocalSystem Container - (NvBroadcast.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe -s NvBroadcast.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvBroadcast.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\plugins\LocalSystem" -r -p 30000  (sign: 'Nvidia Corporation')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: OpenVPN Agent agent_ovpnconnect - (agent_ovpnconnect) - C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe (sign: 'OpenVPN Inc.')
O23 - Service R2: OpenVPN Connect Helper Service - (ovpnhelper_service) - C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe (sign: 'OpenVPN Inc.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: GoogleUpdater InternalService 129.0.6651.0 (GoogleUpdaterInternalService129.0.6651.0) - (GoogleUpdaterInternalService129.0.6651.0) - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 129.0.6651.0 (GoogleUpdaterService129.0.6651.0) - (GoogleUpdaterService129.0.6651.0) - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\127.0.6533.120\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.18 - (klvssbridge64_21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')
O23 - Service S3: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.3.0\ProtonVPNService.exe (sign: 'Proton AG')
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files\Proton\VPN\v3.3.0\ProtonVPN.WireGuardService.exe "C:\Program Files\Proton\VPN\v3.3.0\ServiceData\WireGuard\ProtonVPN.conf" "tls" (sign: 'Proton AG')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe (sign: 'Wellbia.com Co., Ltd.')
O23 - Service S3: XIGNCODE3 for KnightOnline GB - (xldr_KnightOnline_GB) - C:\Program Files\Common Files\Wellbia.com\xldr_KnightOnline_GB.exe (sign: 'Wellbia.com Co., Ltd.')
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe (sign: 'KRAFTON, Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-18_arkmon - C:\Windows\System32\Drivers\klupd_K4W-21-18_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-18_klbg - C:\Windows\System32\Drivers\klupd_K4W-21-18_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver.K4W-21-18 - (KLIF.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-18 - (klpd.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-18 - (klflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-18 - (klbackupdisk.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-18 - (klbackupflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-18 - (klkbdflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-18 - (klpnpflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-18 - (klgse.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver.K4W-21-18 - (klhk.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwtp.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R2: IDMWFP - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-18 - (klmouflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids.K4W-21-18 - C:\ProgramData\Kaspersky Lab\AVP21.18\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-18_klark - C:\Windows\System32\Drivers\klupd_K4W-21-18_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-18_mark - C:\Windows\System32\Drivers\klupd_K4W-21-18_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Logitech G HUB Translation Layer Driver - (logi_joy_xlcore) - C:\Windows\system32\drivers\logi_joy_xlcore.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual Bus Enumerator Driver - (logi_joy_bus_enum) - C:\Windows\system32\drivers\logi_joy_bus_enum.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual HID Device Driver - (logi_joy_vir_hid) - C:\Windows\system32\drivers\logi_joy_vir_hid.sys (sign: 'Logitech Inc')
O23 - Driver R3: NVIDIA Broadcast - (nvrtxvad_WaveExtensible) - C:\Windows\system32\drivers\nvrtxvad64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\Windows\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: ovpn-dco - C:\Windows\System32\drivers\ovpn-dco.sys (sign: 'Microsoft' - OpenVPN, Inc)
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: TAP-Windows Adapter V9 for OpenVPN Connect - (tap_ovpnconnect) - C:\Windows\System32\drivers\tap_ovpnconnect.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: ProtonVPNCallout - C:\Program Files\Proton\VPN\v3.3.0\Resources\ProtonVPN.CalloutDriver.sys (+safe mode) (sign: 'Proton AG')
O23 - Driver S3: Wintun - (wintun) - C:\Windows\System32\drivers\wintun.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Driver S3: WireGuard - C:\Windows\System32\drivers\wireguard.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Driver S3: xhunter1 - C:\Windows\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp.K4W-21-18'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPN Service'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPNCallout'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tap_ovpnconnect'
O26 - Debugger: HKLM\..\NvTelemetryContainer.exe: [Debugger] = C:\Windows\System32\taskkill.exe (sign: 'Microsoft')
O27 - RDP: (Other) HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server: [fDenyTSConnections] = 0


--
End of file - Time spent: 15,2 sec. - 1300970 bytes, CRC32: FFFFFFFF. Sign: 勮鞝
 
Temiz önyükleme yapın. Keyboard LEDs kendiniz mi yüklediniz? Kaldırmanızı tavsiye ederim. Cloudflare kendiniz mi kurdunuz?
Bunları fixleyin:
Kod: 
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\127.0.6533.120\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - Autorun.inf: E:\autorun.inf - open - sources\SetupError.exe x64 (file missing)
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FB3CE416330CF976E50BF9D7EB60672D] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (sign: 'Google LLC')
O4 - HKCU\..\Run: [KeyboardLeds.exe] = C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe (not signed - KARPOLAN - 6A39C612A152AFE9CDD5D4D78393F36DC06649A8)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_01B5E43E01F651100BCAD52F0506BE4A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2024/06/21) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')

OpenVPN ve Proton VPN ikisinden birini kaldırın.
Hem Defender hem de Kasperskuy aktif olarak kullanmayın otomatik kapanması gerekirdi Defender kendiniz açtıysanız kapatın.
 

Keyboard leds ve WARP Cloudflare kendim kullanıyorum hocam aktif olarak.
OpenVPN ve proton VPN'de aynı şekilde farklı zamanlarda kullanımı oluyor benim için.
Defender'i kapatmadan Kaspersky kurmuştum. Sonrasında sizin önceden paylaştığınız reg dosyasını çalıştırdım şu anda kapalı gözüküyordur muhtemelen. Teşekkürler.
 
Merhaba,
Malware ve sistem performansı için yardım istiyorum.


Kod: 
Logfile of HiJackThis+ (Plus) build 2024-04-18 Alpha v.3.4.0.9

Platform:  x64 Windows 10 (Pro), 10.0.19045.4780 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      29.08.2024 - 01:03 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: English (0x409). Non-Unicode: Turkish (0x41F)
Memory:    9295 MiB Free. Loading RAM (44 %), CPU (26 %)
Elevated:  Yes
Ran by:    Alper    (group: Administrators; type: Local) on DESK-ALP, FirstRun: no

Chrome:  128.0.6613.85
Firefox: 129.0.1.559
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
   1  C:\Program Files (x86)\AIMP\AIMP.exe
   1  C:\Program Files (x86)\Clipdiary\Clipdiary.exe
   1  C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
   1  C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.0.3.46\AdskLicensingService\AdskLicensingService.exe
   1  C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
   1  C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
   1  C:\Program Files (x86)\DFX\dfx.exe
   1  C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
   1  C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
   1  C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe
   1  C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
   1  C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
   1  C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
   1  C:\Program Files (x86)\Stardock\Groupy\GroupyCtrl.exe
   1  C:\Program Files (x86)\Stardock\Groupy\GroupyHelp32.exe
   1  C:\Program Files (x86)\Stardock\Groupy\GroupyHelp64.exe
   1  C:\Program Files (x86)\Stardock\Groupy\GroupySrv.exe
   1  C:\Program Files (x86)\USB Disk Security\USBGuard.exe
   1  C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
   2  C:\Program Files\Everything\Everything.exe
  25  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
   1  C:\Program Files\OO Software\Defrag\oodag.exe
   1  C:\Program Files\TeraCopy\TeraCopyService.exe
   1  C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2433.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.89.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_1.7.55.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
   1  C:\Users\Alper\AppData\Roaming\DesktopOK\DesktopOK_x64.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   3  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   2  C:\Windows\System32\nvvsvc.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\prevhost.exe
   2  C:\Windows\System32\rundll32.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  75  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\vmnat.exe
   1  C:\Windows\SysWOW64\vmnetdhcp.exe
   1  Z:\E\indirilenlerim\Compressed\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 liveupdate.acronis.com
O1 - Hosts: 127.0.0.1 download.acronis.com
O1 - Hosts: 127.0.0.1 orders.acronis.com
O1 - Hosts: 127.0.0.1 ns1.acronis.com
O1 - Hosts: 127.0.0.1 ns2.acronis.com
O1 - Hosts: 127.0.0.1 ns3.acronis.com
O1 - Hosts: 127.0.0.1 account.acronis.com
O1 - Hosts: 127.0.0.1 gateway.acronis.com
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 crl.verisign.net
O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET.*
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip4.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 ood.opsource.net
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 127.0.0.1 practivate.adobe.*
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.ipp
O1 - Hosts: 127.0.0.1 practivate.adobe.newoa
O1 - Hosts: 127.0.0.1 practivate.adobe.ntp
O1 - Hosts: 127.0.0.1 tss-geotrust-crl.thawte.com
O1 - Hosts: 127.0.0.1 wip.adobe.com
O1 - Hosts: 127.0.0.1 wip1.adobe.com
O1 - Hosts: 127.0.0.1 wip2.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip4.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 license.piriform.com
O1 - Hosts: 127.0.0.1 vvv.license.piriform.com
O1 - Hosts: 127.0.0.1 speccy.piriform.com
O1 - Hosts: 127.0.0.1 vvv.speccy.piriform.com
O1 - Hosts: 127.0.0.1 recuva.piriform.com
O1 - Hosts: 127.0.0.1 vvv.recuva.piriform.com
O1 - Hosts: 127.0.0.1 defraggler.piriform.com
O1 - Hosts: 127.0.0.1 vvv.defraggler.piriform.com
O1 - Hosts: 127.0.0.1 ccleaner.piriform.com
O1 - Hosts: 127.0.0.1 vvv.ccleaner.piriform.com
O1 - Hosts: 127.0.0.1 license-api.ccleaner.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\128.0.6613.85\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [Clipdiary] = C:\Program Files (x86)\Clipdiary\clipdiary.exe (not signed - no company - 1D91A74383FDA79FFAB4CE66088CAC8505987F41)
O4 - HKCU\..\Run: [DesktopOK] = C:\Users\Alper\AppData\Roaming\DesktopOK\DesktopOK_x64.exe -bg -startup (sign: 'Nenad Hrg')
O4 - HKCU\..\StartupApproved\Run: [BingSvc] = C:\Users\Alper\AppData\Local\Microsoft\BingSvc\BingSvc.exe (2023/08/11) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Alper\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/03/25) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [f.lux] = C:\Users\Alper\AppData\Local\FluxSoftware\Flux\flux.exe /noshow (2023/06/21) (sign: 'F.lux Software LLC')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/02/27) (not signed - Tonec Inc. - 2948C4356C6AE01720FEC22AE131747F84067911)
O4 - HKCU\..\StartupApproved\Run: [Microsoft Edge Update] = C:\Users\Alper\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateCore.exe (2022/03/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_C2A78EA9E078EE19A41E2485CE0B013E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/11/10) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Alper\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/05/18) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [SmartSwitchPDLR.exe] = C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe Run Kies4 (2023/11/10) (sign: 'Samsung Electronics Co., Ltd.')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk    ->    C:\Program Files (x86)\DeskPins\deskpins.exe (2023/01/27) (not signed - Elias Fotinis - 344E1BC44210594F4AB4AC9BE349E4F906E5D354)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2023/08/11) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk    ->    C:\Program Files\Rainmeter\Rainmeter.exe (2023/09/14) (invalid sign: CERT_E_CHAINING - Rainmeter - 9C8F89FE3362B1DDB4140B4AD942C0D8A293F9A1)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk    ->    C:\Users\Alper\AppData\Roaming\Telegram Desktop\Telegram.exe -autostart (2023/02/06) (not signed - Telegram FZ-LLC - 875C6E432182411C008BA9478D3E2B234444BBDF)
O4 - HKLM\..\Run: [Everything] = C:\Program Files\Everything\Everything.exe -startup (sign: 'voidtools')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Program Files\Google\Chrome\Temp -> DELETE (file missing)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2023/02/12) (sign: 'Acronis International GmbH')
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2023/02/27) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run: [Cobian Reflector] = C:\Program Files\Cobian Reflector\Cobian.Reflector.Application.exe (2023/02/23) (sign: 'Luis Cobian Dorta')
O4 - HKLM\..\StartupApproved\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe (2021/05/17) (sign: 'Intel(R) pGFX')
O4 - HKLM\..\StartupApproved\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe (2021/05/17) (sign: 'Intel(R) pGFX')
O4 - HKLM\..\StartupApproved\Run: [Persistence] = C:\Windows\system32\igfxpers.exe (2021/05/17) (sign: 'Intel(R) pGFX')
O4 - HKLM\..\StartupApproved\Run: [Reflect UI] = C:\Program Files\Macrium\Common\ReflectUI.exe (2023/02/06) (invalid sign: TRUST_E_BAD_DIGEST - Paramount Software UK Ltd - 3CB8C7991D57971CB4D49C9F89DFA7BD1EC813E6)
O4 - HKLM\..\StartupApproved\Run: [WindowsMasterUI] = C:\Program Files\Microsoft PC Manager\MSPCManager.exe --Source=Auto --Activate=False (2024/02/12) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [AcronisTibMounterMonitor] = C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (2023/07/03) (sign: 'Acronis International GmbH')
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2023/02/27) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run32: [PWRISOVM.EXE] = C:\Program Files\PowerISO\PWRISOVM.EXE -startup (2021/05/30) (sign: 'Power Software Limited')
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2023/02/27) (invalid sign: CERT_E_CHAINING - Adobe Systems Incorporated - 679F13F7B14613F3AD93E7CBC04D1B5241741723)
O4 - HKLM\..\StartupApproved\Run32: [TrueImageMonitor.exe] = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (2021/05/17) (sign: 'Acronis International GmbH')
O4 - HKLM\..\StartupApproved\Run32: [vmware-tray.exe] = C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (2021/05/18) (sign: 'VMware, Inc.')
O4 - HKU\S-1-5-19\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2023/05/24) (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2023/05/24) (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\F\shell\AutoRun\command: (default) = F:\setup.exe (file missing)
O4-32 - HKLM\..\Run: [FxSound] = C:\Program Files (x86)\DFX\dfx.exe -startup (invalid sign: TRUST_E_BAD_DIGEST - no company - C955C7C09E673F01451BD3C69493A9A9FE871BF2)
O4-32 - HKLM\..\Run: [USB Security] = C:\Program Files (x86)\USB Disk Security\USBGuard.exe (sign: 'Lanzhou Itanium Software Technology Co., Ltd.')
O4-32 - HKLM\..\RunOnce: [ccleaner_update_helper] = C:\Program Files\CCleaner\ccleaner_update_helper.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O5 - Applet: C:\Windows\System32\plotman.cpl (sign: 'Autodesk, Inc.')
O5 - Applet: C:\Windows\System32\RTSnMg64.cpl (sign: 'Realtek Semiconductor Corp')
O5 - Applet: C:\Windows\System32\styleman.cpl (sign: 'Autodesk, Inc.')
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = Z:\E\indirilenlerim
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = Z:\E\indirilenlerim
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = C:\Users\Alper\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Pictures = C:\Users\Alper\Pictures
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = C:\Users\Alper\Documents
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Tüm bağlantıları IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm (not signed - no company - 6FF2653314DDAD254AD252B1867D0925B30BB196)
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll (sign: 'Apple Inc.')
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0006f2d4-b50f-4d7a-b865-9581653269a8}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0006f2d4-b50f-4d7a-b865-9581653269a8}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll (sign: 'Acronis International GmbH')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\Alper\AppData\Local\MEGAsync\ShellExtX64.dll (sign: 'Mega Limited')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Windows\system32\AcSignIcon.dll (sign: 'Autodesk, Inc.')
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC Reboot (sign: 'Microsoft')
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery Reboot (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-2353887585-3353250695-3115532236-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \MEGA\MEGAsync Update Task S-1-5-21-2353887585-3353250695-3115532236-1001 - C:\Users\Alper\AppData\Local\MEGAsync\MEGAupdater.exe (sign: 'Mega Limited')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "45617df3-f429-42df-809d-085bc182ec24" --version "6.14.10584" --silent (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: (disabled) OneDrive Standalone Update Task-S-1-5-21-2353887585-3353250695-3115532236-500 - C:\Users\Alper\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks: (disabled) SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE (sign: 'Samsung Electronics Co., Ltd.')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.2{4EAD3ECD-1618-499C-B7D7-61C73A5A4094} - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.2\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" (sign: 'Mozilla Corporation')
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerSkipUAC - Alper - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30 (not signed - no company - 745559FF74A560957B438DBD3287D1054A76B68B)
O22 - Tasks: MicrosoftEdgeUpdateTaskUserS-1-5-21-2353887585-3353250695-3115532236-1001Core - C:\Users\Alper\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (sign: 'Microsoft')
O22 - Tasks: MicrosoftEdgeUpdateTaskUserS-1-5-21-2353887585-3353250695-3115532236-1001UA - C:\Users\Alper\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (sign: 'Microsoft')
O22 - Tasks: OneDrive Standalone Update Task-S-1-5-21-1058129444-4087973727-844704433-500 - C:\Users\Alper\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks: Opera scheduled assistant Autoupdate 1621283805 - C:\Users\Alper\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Alper\AppData\Local\Programs\Opera\assistant" $(Arg0) (sign: 'Opera Software AS')
O22 - Tasks: Opera scheduled Autoupdate 1621283799 - C:\Users\Alper\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (sign: 'Opera Software AS')
O23 - Service R2: Acronis Nonstop Backup Service - (afcdpsrv) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (sign: 'Acronis International GmbH')
O23 - Service R2: Autodesk Desktop Licensing Service - (AdskLicensingService) - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe (sign: 'Autodesk, Inc.')
O23 - Service R2: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O23 - Service R2: Everything - C:\Program Files\Everything\Everything.exe -svc (sign: 'voidtools')
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (sign: 'Flexera Software LLC')
O23 - Service R2: Foxit PDF Reader Update Service - (FoxitReaderUpdateService) - C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (sign: 'FOXIT SOFTWARE INC.')
O23 - Service R2: Microsoft Defender Core Service - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\Windows\system32\nvvsvc.exe (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (sign: 'NVIDIA Corporation')
O23 - Service R2: O&O Defrag - (OODefragAgent) - C:\Program Files\OO Software\Defrag\oodag.exe (sign: 'O&O Software GmbH')
O23 - Service R2: Quick Share - (Quick Share Service) - C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_1.7.55.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe (not signed - no company - 8C391B31E8257D23A4D67E9D56CAF57FC8D17FC0)
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (sign: 'Samsung Electronics CO., LTD.')
O23 - Service R2: SAMSUNG Mobile Connectivity Service V2 - (ss_conn_service2) - C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (sign: 'Samsung Electronics Co., Ltd.')
O23 - Service R2: Stardock Groupy - (Groupy) - C:\Program Files (x86)\Stardock\Groupy\GroupySrv.exe (sign: 'STARDOCK SYSTEMS, INC.')
O23 - Service R2: TeraCopy Service - (TeraCopyService.exe) - C:\Program Files\TeraCopy\TeraCopyService.exe (sign: 'Code Sector')
O23 - Service R2: VMware DHCP Service - (VMnetDHCP) - C:\Windows\SysWOW64\vmnetdhcp.exe (sign: 'VMware, Inc.')
O23 - Service R2: VMware NAT Service - C:\Windows\SysWOW64\vmnat.exe (sign: 'VMware, Inc.')
O23 - Service R3: Intel(R) Security Assist - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (not signed - Intel Corporation - 2CB81A3DD394504C855056DF869CC00470753AF3)
O23 - Service R3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Malwarebytes Inc.') (+safe mode)
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater InternalService 129.0.6651.2 (GoogleUpdaterInternalService129.0.6651.2) - (GoogleUpdaterInternalService129.0.6651.2) - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.2\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 129.0.6651.2 (GoogleUpdaterService129.0.6651.2) - (GoogleUpdaterService129.0.6651.2) - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.2\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S2: Intel(R) Security Assist Helper - (isaHelperSvc) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (not signed - no company - E2CAAD27F718CB9FEF12AC616CBA3F3917FCF922)
O23 - Service S2: x827206 - C:\Windows\System32\svchost.exe -k DcomLaunch; "ServiceDll" = C:\Windows\System32\x827206.dat (file missing)
O23 - Service S3: Adobe SwitchBoard - (SwitchBoard) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (invalid sign: CERT_E_CHAINING - Adobe Systems Incorporated - 679F13F7B14613F3AD93E7CBC04D1B5241741723)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\128.0.6613.85\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (sign: 'Intel® Trusted Connect Service')
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe (sign: 'Intel(R) pGFX')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: wampapache - J:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -k runservice (not signed - Apache Software Foundation - 01F83EE6059BE738299C38B68909A35767A24897)
O23 - Service S3: wampmysqld - J:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld (not signed - no company - 8F342B0C613B67BBC4F717F1E5AD17CCD6BB4EBF)
O23 - Driver R: PowerISO Virtual Drive - C:\Windows\System32\Drivers\SCDEmu.SYS (sign: 'Power Software Limited')
O23 - Driver R: VMware virtual network driver (64-bit) - C:\Windows\system32\DRIVERS\VMNET.SYS (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R0: Acronis File Tracker Driver - (file_tracker) - C:\Windows\system32\DRIVERS\file_tracker.sys (sign: 'Acronis International GmbH')
O23 - Driver R0: Acronis Snapshots Manager - (snapman) - C:\Windows\system32\DRIVERS\snapman.sys (sign: 'Acronis International GmbH')
O23 - Driver R0: Acronis Storage Filter Management - (fltsrv) - C:\Windows\system32\DRIVERS\fltsrv.sys (+safe mode) (sign: 'Acronis International GmbH')
O23 - Driver R0: Acronis Volume Tracker - (volume_tracker) - C:\Windows\system32\DRIVERS\volume_tracker.sys (+safe mode) (sign: 'Acronis International GmbH')
O23 - Driver R0: Macrium Change Block Tracker - (mrcbt) - C:\Windows\system32\drivers\mrcbt.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver R0: mrigflt - C:\Windows\system32\drivers\mrigflt.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver R0: PxHlpa64 - C:\Windows\System32\Drivers\PxHlpa64.sys (+safe mode) (sign: 'Sonic Solutions')
O23 - Driver R0: VMware VMCI Bus Driver - (vmci) - C:\Windows\System32\drivers\vmci.sys (+safe mode) (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R0: vSockets Virtual Machine Communication Interface Sockets driver - (vsock) - C:\Windows\system32\DRIVERS\vsock.sys (+safe mode) (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R1: ngscan - C:\Windows\system32\DRIVERS\ngscan.sys (sign: 'Acronis International GmbH')
O23 - Driver R1: VMware Input Filter and Injection Driver (vmkbd) - (vmkbd3) - C:\Windows\system32\DRIVERS\vmkbd.sys (sign: 'VMware, Inc.')
O23 - Driver R2: Acronis File Protector Driver - (file_protector) - C:\Windows\system32\DRIVERS\file_protector.sys (sign: 'Acronis International GmbH')
O23 - Driver R2: Acronis TIB Mounter - (tib_mounter) - C:\Windows\system32\DRIVERS\tib_mounter.sys (sign: 'Acronis International GmbH')
O23 - Driver R2: Acronis Virtual File Driver - (virtual_file) - C:\Windows\system32\DRIVERS\virtual_file.sys (+safe mode) (sign: 'Acronis International GmbH')
O23 - Driver R2: BdDci Service - (BdDci) - C:\Windows\system32\DRIVERS\bddci.sys (sign: 'Bitdefender SRL')
O23 - Driver R2: IDMWFP - C:\Windows\system32\DRIVERS\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R2: MBAMChameleon - (mbamchameleon) - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R2: Mrvdp - C:\Windows\system32\drivers\mrvdp.sys (sign: 'Paramount Software UK Ltd')
O23 - Driver R2: Mrvmdk - C:\Windows\system32\drivers\mrvmdk.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver R2: VMware Bridge Protocol - (VMnetBridge) - C:\Windows\system32\DRIVERS\vmnetbridge.sys (+safe mode) (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R2: VMware hcmon - (hcmon) - C:\Windows\system32\DRIVERS\hcmon.sys (sign: 'VMware, Inc.')
O23 - Driver R2: VMware Virtual Ethernet Userif for VMnet - (VMnetuserif) - C:\Windows\system32\DRIVERS\vmnetuserif.sys (+safe mode) (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R2: VMware vmx86 - (vmx86) - C:\Windows\system32\DRIVERS\vmx86.sys (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver R2: WiseFs - C:\Windows\WiseFs64.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: DFX Audio Enhancer - (DFX12) - C:\Windows\system32\drivers\dfx12x64.sys (sign: 'Power Technology')
O23 - Driver R3: igfx - C:\Windows\system32\DRIVERS\igdkmd64.sys (sign: 'Microsoft' - Intel Corporation)
O23 - Driver R3: Intel(R) Management Engine Interface  - (MEIx64) - C:\Windows\System32\drivers\TeeDriverW8x64.sys (sign: 'Intel Corporation - Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: nvlddmkm - C:\Windows\system32\DRIVERS\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: VMware Virtual Ethernet Adapter Driver - (VMnetAdapter) - C:\Windows\system32\DRIVERS\vmnetadapter.sys (+safe mode) (sign: 'Microsoft' - VMware, Inc.)
O23 - Driver S3: @oem16.inf,%VBoxNetAdp6Service_Desc%;VirtualBox NDIS 6.0 Miniport Service - (VBoxNetAdp) - C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys (+safe mode) (sign: 'Oracle Corporation')
O23 - Driver S3: @oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver S3: Acronis TIB Manager - (tib) - C:\Windows\system32\DRIVERS\tib.sys (+safe mode) (sign: 'Acronis International GmbH')
O23 - Driver S3: Acronis Try&Decide filter - (tnd) - C:\Windows\system32\DRIVERS\tnd.sys (+safe mode) (sign: 'Acronis International GmbH')
O23 - Driver S3: AsrDrv101 - C:\Windows\SysWOW64\Drivers\AsrDrv101.sys (sign: 'ASROCK Incorporation')
O23 - Driver S3: DFX Audio Enhancer 11.1 - (DFX11_1) - C:\Windows\system32\drivers\dfx11_1x64.sys (sign: 'Power Technology')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Mrvhdx - C:\Windows\system32\drivers\mrvhdx.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver S3: SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SliceDisk5 - C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys (sign: 'OOO Sfera-Tehno')
O23 - Driver S3: VMware USB Client Driver - (vmusb) - C:\Windows\System32\drivers\vmusb.sys (sign: 'VMware, Inc.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'VBoxNetAdp'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'VMnetAdapter'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'VMnetuserif'
O26 - Debugger: HKLM\..\notepad.exe: [Debugger] = C:\Program Files\Notepad2\Notepad2.exe /z (not signed - no company - F8F9C191D37B643A20870AB8D0AF39780C4677FF)
O26 - Tools: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\DefragPath (default) = C:\Program Files\OO Software\Defrag\oodcnt.exe
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\Administrator
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\Guest
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\VarsayılanHesap
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\WDAGUtilityAccount


--
End of file - Time spent: 43 sec. - 75038 bytes, CRC32: FFFFFFFF. Sign: ም鲐
 
kamilson dedi:
Malware ve sistem performansı için yardım istiyorum.
Genişletmek için tıkla...
Stardock, Malwarebytes, OO Software, DesktopOK, Internet Download Manager, Intel(R) Security Assist, flux gibi yazılımlar başlangıçta açık olduğu için sistem açılışına çok yük bindirir. Gereksiz olanları kaldırıp. Temiz önyükleme yapmanız gerekli.

Bunları fixleyin dediklerimi uygulayacaksanız:
Kod: 
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\128.0.6613.85\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [Clipdiary] = C:\Program Files (x86)\Clipdiary\clipdiary.exe (not signed - no company - 1D91A74383FDA79FFAB4CE66088CAC8505987F41)
O4 - HKCU\..\Run: [DesktopOK] = C:\Users\Alper\AppData\Roaming\DesktopOK\DesktopOK_x64.exe -bg -startup (sign: 'Nenad Hrg')
O4 - HKCU\..\StartupApproved\Run: [BingSvc] = C:\Users\Alper\AppData\Local\Microsoft\BingSvc\BingSvc.exe (2023/08/11) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [f.lux] = C:\Users\Alper\AppData\Local\FluxSoftware\Flux\flux.exe /noshow (2023/06/21) (sign: 'F.lux Software LLC')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/02/27) (not signed - Tonec Inc. - 2948C4356C6AE01720FEC22AE131747F84067911)
O4 - HKCU\..\StartupApproved\Run: [Microsoft Edge Update] = C:\Users\Alper\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateCore.exe (2022/03/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_C2A78EA9E078EE19A41E2485CE0B013E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/11/10) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Alper\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/05/18) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [SmartSwitchPDLR.exe] = C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe Run Kies4 (2023/11/10) (sign: 'Samsung Electronics Co., Ltd.')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk    ->    C:\Program Files (x86)\DeskPins\deskpins.exe (2023/01/27) (not signed - Elias Fotinis - 344E1BC44210594F4AB4AC9BE349E4F906E5D354)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr (2023/08/11) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk    ->    C:\Program Files\Rainmeter\Rainmeter.exe (2023/09/14) (invalid sign: CERT_E_CHAINING - Rainmeter - 9C8F89FE3362B1DDB4140B4AD942C0D8A293F9A1)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Alper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk    ->    C:\Users\Alper\AppData\Roaming\Telegram Desktop\Telegram.exe -autostart (2023/02/06) (not signed - Telegram FZ-LLC - 875C6E432182411C008BA9478D3E2B234444BBDF)
O4 - HKLM\..\Run: [Everything] = C:\Program Files\Everything\Everything.exe -startup (sign: 'voidtools')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Program Files\Google\Chrome\Temp -> DELETE (file missing)
O4 - HKLM\..\StartupApproved\Run: [Acronis Scheduler2 Service] = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (2023/02/12) (sign: 'Acronis International GmbH')
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2023/02/27) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run: [Cobian Reflector] = C:\Program Files\Cobian Reflector\Cobian.Reflector.Application.exe (2023/02/23) (sign: 'Luis Cobian Dorta')
O4 - HKLM\..\StartupApproved\Run: [Reflect UI] = C:\Program Files\Macrium\Common\ReflectUI.exe (2023/02/06) (invalid sign: TRUST_E_BAD_DIGEST - Paramount Software UK Ltd - 3CB8C7991D57971CB4D49C9F89DFA7BD1EC813E6)
O4 - HKLM\..\StartupApproved\Run: [WindowsMasterUI] = C:\Program Files\Microsoft PC Manager\MSPCManager.exe --Source=Auto --Activate=False (2024/02/12) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [AcronisTibMounterMonitor] = C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (2023/07/03) (sign: 'Acronis International GmbH')
O4 - HKLM\..\StartupApproved\Run32: [PWRISOVM.EXE] = C:\Program Files\PowerISO\PWRISOVM.EXE -startup (2021/05/30) (sign: 'Power Software Limited')
O4 - HKLM\..\StartupApproved\Run32: [TrueImageMonitor.exe] = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (2021/05/17) (sign: 'Acronis International GmbH')
O4 - MountPoints2: HKCU\..\F\shell\AutoRun\command: (default) = F:\setup.exe (file missing)
O4-32 - HKLM\..\RunOnce: [ccleaner_update_helper] = C:\Program Files\CCleaner\ccleaner_update_helper.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = Z:\E\indirilenlerim
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = Z:\E\indirilenlerim
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = C:\Users\Alper\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Pictures = C:\Users\Alper\Pictures
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = C:\Users\Alper\Documents
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\Alper\AppData\Local\MEGAsync\ShellExtX64.dll (sign: 'Mega Limited')
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP (empty)
O23 - Service R2: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
Bunların ardından sfc /scannow yapsanız iyi olur.
 
Görev Yöneticisini açtığım anda CPU kullanımı yüzde altmışlardan sekizlere düşüyor, yarım saat önce usb yardımıyla format atmama rağmen, virüsten şüpheleniyorum.

Kod: 
Logfile of HiJackThis+ (Plus) build 2024-04-18 Alpha v.3.4.0.9

Platform:  x64 Windows 10 (Pro), 10.0.19045.3803 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      31.08.2024 - 18:55 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    11820 MiB Free. Loading RAM (29 %), CPU (4 %)
Elevated:  Yes
Ran by:    emre    (group: Administrators; type: Local) on DESKTOP-FBPVKN9, FirstRun: yes

Chrome:  128.0.6613.114
Firefox: 129.0.2.591
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1 (Brave)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\MSI\MSI Center\AI Engine\PowerModeWatcher.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
  20  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Windows Defender\MsMpEng.exe
   1  C:\Program Files\Windows Defender\NisSrv.exe
   1  C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.41.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
   6  C:\Riot Games\Riot Client\RiotClientElectron\Riot Client.exe
   2  C:\Riot Games\Riot Client\RiotClientServices.exe
   1  C:\Users\emre\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_32b266092fc6592d\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0405470.inf_amd64_2e71ce0e27c179e1\B404884\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0405470.inf_amd64_2e71ce0e27c179e1\B404884\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  65  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\128.0.6613.114\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - ActiveSetup: HKLM\..\{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}: [StubPath] = C:\Program Files\BraveSoftware\Brave-Browser\Application\128.1.69.160\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level (sign: 'Brave Software, Inc.')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (sign: 'Riot Games, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\emre\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/08/31) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_E4B6158330865F68A7A950146713DC84] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/08/31) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\emre\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2024/08/31) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\emre\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2024/08/31) (sign: 'Spotify AB')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/08/31) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (sign: 'Riot Games, Inc.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_32b266092fc6592d\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O22 - BITS Job: (download) {9DAE7F4E-1FE2-4A76-92B7-34F8FA246881} - hxxp://edgedl.me.gvt1.com/edgedl/release2/chrome_component/ad4yxgp7ngdthbmnljttvjzk5vka_20240820.666556390.14/obedbbhbpmojnkanicioggnmelmoomoc_20240820.666556390.14_all_TR500000_ejbkov7a6ebf4kv2fqz6mgjxk4.crx3 -> C:\Users\emre\AppData\Local\Temp\chrome_BITS_3712_1927040929\obedbbhbpmojnkanicioggnmelmoomoc_20240820.666556390.14_all_TR500000_ejbkov7a6ebf4kv2fqz6mgjxk4.crx3
O22 - BITS Job: (download) {E6C5C255-61CB-4F83-813C-D63A0279AC4D} - hxxp://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acwcdm4bj7lx4xbm2ireywxlhvca_4.10.2710.0/oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3 -> C:\Users\emre\AppData\Local\Temp\chrome_BITS_6868_2057600893\oimompecagnajdejgnnjijobebaeigek_4.10.2710.0_win64_adsurwm4gclupf32xdrpgdnapira.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{19057630-E4C3-4351-8F4C-DEEF37A654BA} - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Mozilla\Firefox Background Update S-1-5-21-298814588-93093852-3401933221-1001 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate (sign: 'Mozilla Corporation')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: BraveSoftwareUpdateTaskMachineCore{D1F3A171-D864-4933-B473-72D836A04B87} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (sign: 'Brave Software, Inc.')
O22 - Tasks: BraveSoftwareUpdateTaskMachineUA{FF4833D7-903E-419B-9938-4D673D9055B1} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (sign: 'Brave Software, Inc.')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-298814588-93093852-3401933221-1001 - C:\Users\emre\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: Opera GX scheduled Autoupdate 1725117116 - C:\Users\emre\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0405470.inf_amd64_2e71ce0e27c179e1\B404884\atiesrxx.exe (sign: 'Microsoft')
O23 - Service R2: MSI Center Service - (MSI_Center_Service) - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Case_Service - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_32b266092fc6592d\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc (sign: 'Brave Software, Inc.')
O23 - Service S2: GoogleUpdater InternalService 130.0.6679.0 (GoogleUpdaterInternalService130.0.6679.0) - (GoogleUpdaterInternalService130.0.6679.0) - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 130.0.6679.0 (GoogleUpdaterService130.0.6679.0) - (GoogleUpdaterService130.0.6679.0) - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\128.1.69.160\elevation_service.exe (sign: 'Brave Software, Inc.')
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc (sign: 'Brave Software, Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\128.0.6613.114\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\Windows\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV20 - C:\Windows\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV26 - C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_5bf3de4243c61001\AtihdWT6.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\Windows\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: amdwddmg - C:\Windows\System32\DriverStore\FileRepository\u0405470.inf_amd64_2e71ce0e27c179e1\B404884\amdkmdag.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: NTIOLib_CC_COMM - C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'


--
End of file - Time spent: 13,2 sec. - 33616 bytes, CRC32: FFFFFFFF. Sign: �ᮧ
 
Mesaj yazmak için giriş yapmalı ya da kaydolmalısınız.

Benzer konular

HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
550
taylaan
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.688
quarest
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
1.006
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.007
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.561
Windows 11 Bükücü
Menü
Giriş yap
Kaydol
Bu siteyi kullanmak için çerezler gereklidir. Siteyi kullanmaya devam etmek için çerezleri kabul etmelisiniz. Daha Fazlasını Öğren.…