Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.14
Platform: x64 Windows 10 (Pro), 10.0.19044.1379 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 08.01.2022 - 05:15 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes
Ran by: engin (group: Administrators) on ENGIN, FirstRun: yes
Chrome: 97.0.4692.71
Internet Explorer: 11.0.19041.1202
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Internet Download Manager\IDMan.exe
15 C:\Program Files\Google\Chrome\Application\chrome.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\WinRAR\WinRAR.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoUsoCoreWorker.exe
1 C:\Windows\System32\notepad.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
20 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
1 F:\Desktop\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R0 - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://www.google.com.tr/
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O1 - Hosts: Reset contents to default
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2022/01/08)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/01/08)
O4 - HKU\S-1-5-18\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'LocalSystem')
O4 - HKU\S-1-5-18\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [AppsUseLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /f /d 1 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [GlobalUserDisabled] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /f /d 1 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [ShellFeedsTaskbarViewMode] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v "ShellFeedsTaskbarViewMode" /t REG_DWORD /f /d 2 (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [SystemUsesLightTheme] = C:\Windows\system32\REG.exe ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /f /d 0 (User 'Network service')
O6 - IE Policy: HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-18\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-19\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O6 - IE Policy: HKU\S-1-5-20\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions - present
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = F:\downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4} = F:\saved games
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Desktop = F:\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Personal = F:\documents
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = F:\downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = F:\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = F:\documents
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O17 - DHCP DNS 1: 192.168.1.1
O17 - DHCP DNS 2: 192.168.68.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattelrunner.exe (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - (no file)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Microsoft\Windows\RetailDemo\CleanupOfflineContent - {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} - (no file)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O26 - Debugger: HKLM\..\CompatTelRunner.exe: [Debugger] = C:\Windows\System32\taskkill.exe (Microsoft)
--
End of file - Time spent: 4,7 sec. - 47904 bytes, CRC32: FFFFFFFF. Sign: 沁