To analyze the performance drops, freezes, malware effects and problems caused by application errors that you are experiencing on your system, and to improve performance and neutralize the malware's effects, you need to share here the log of a scan you ran with the HijackThis software.



Usage:

1) Download the current version, to which a developer has added new features, from here, and extract the application from the archive onto your desktop.

Alternative: Download HiJackThis Fork - MajorGeeks

Old version: HiJackThis | Free software downloads at SourceForge.net

2) Restart your computer and wait 3 minutes without doing anything.

3) Right-click the HijackThis program and run it as administrator (does not apply to XP).

4) In the interface that opens, click the "Do a system scan and save a log file" button.

5) The HijackThis scan will start automatically; do not use the mouse or keyboard until the scan has completed.


6) When the scan completes, a log file containing the HijackThis report will appear.


*7) You need to add the log file here, through the reply section, so that we can review it.

Click "Kod" (Code).

Paste the contents of the log into the blue box and press the "Devam Et" (Continue) button.

Warning: If you have trouble adding code on the site, you need to paste the code into one of the sites given below and share the link. In that case, do not use option *7 for now.

Paste ofCode

8) In addition, reply to the thread describing the problem on your system in detail (performance drop, suspected malware presence, etc.).
(Those who do not do this will not receive a reply.)

Fixing:

When I or one of the experts replies in the thread, tick the boxes at the start of the lines we tell you in the HijackThis interface. Then press the "Fix checked" button.
 
My computer has been constantly stuttering and freezing for 2 weeks.


Code:
Logfile of HijackThis+ (Alpha version) by Alex Dragokas v.3.3.0.7

Platform:  x64 Windows 10 (Pro), 10.0.19045.3693 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      23.11.2023 - 21:23 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    12504 MiB Free. Loading RAM (25 %), CPU (18 %)
Elevated:  Yes
Ran by:    User    (group: Administrators; type: Local) on DESKTOP-AUQE7QM, FirstRun: yes

Chrome:  119.0.6045.160
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
  18  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2345.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
   1  C:\Users\User\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  78  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\vmcompute.exe
   1  C:\Windows\System32\vmms.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O1 - Hosts.ICS: 172.19.208.1 DESKTOP-AUQE7QM.mshome.net # 2028 11 2 21 18 12 23 558
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll (sign: 'Oracle America, Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (2023/11/19) (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/05/17) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/06/07) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (file missing) (2023/07/30)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2023/10/01) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2023/10/01) (sign: 'Adobe Inc.')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (file missing) (2023/05/17)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-3204771105-4256266711-2647506906-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft')
O22 - Tasks: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (sign: 'Adobe Inc.')
O22 - Tasks: Adobe-Genuine-Software-Integrity-Scheduler-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (sign: 'Adobe Inc.')
O22 - Tasks: Google Play Games Notifier - D:\Play Games\Bootstrapper.exe /bg (file missing)
O22 - Tasks: GoogleUpdateTaskMachineCore{5EFC8BE7-6AC5-4F76-9295-41B6BEBAF734} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{FF6F482B-ED84-443F-8B1A-60B2CEB1E112} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-3204771105-4256266711-2647506906-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices INC.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices INC.')
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe (sign: 'Advanced Micro Devices INC.')
O23 - Service S2: Adobe Genuine Software Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (sign: 'Adobe Inc.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc (sign: 'Microsoft')
O23 - Service S2: XSplit VCam Capture Source Service - (XSpltVidSvc) - C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (file missing)
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (file missing)
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\119.0.6045.160\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc (sign: 'Microsoft')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\23.226.1031.0003\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\Windows\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R2: MBAMChameleon - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: amdkmdag - C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\amdkmdag.sys (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: XSplit VCam - (XSpltVid) - C:\Windows\system32\DRIVERS\XSpltVid.sys (sign: 'Microsoft' - SplitmediaLabs Limited)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver S3: MpKsl4d93e741 - C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB5FF61E-478E-4A8B-9FBE-D35780DB19D6}\MpKslDrv.sys (file missing)
O23 - Driver S3: Voicemod Virtual Audio Device (WDM) - (VOICEMOD_Driver) - C:\Windows\system32\drivers\mvvad.sys (sign: 'Voicemod Sociedad Limitada')


--
End of file - Time spent: 37,4 sec. - 28978 bytes, CRC32: FFFFFFFF. Sign: 龫綝
 
My computer has been constantly stuttering and freezing for 2 weeks.
Fix these:
Code:
O1 - Hosts.ICS: 172.19.208.1 DESKTOP-AUQE7QM.mshome.net # 2028 11 2 21 18 12 23 558
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (2023/11/19) (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/05/17) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/06/07) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (file missing) (2023/05/17)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: Google Play Games Notifier - D:\Play Games\Bootstrapper.exe /bg (file missing)
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-3204771105-4256266711-2647506906-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
If you do not use OneDrive, uninstall it; do not use voice changers; run the sfc /scannow command.
 
Code:
Logfile of HijackThis+ by Alex Dragokas, build 2023-11-27 Alpha v.3.3.0.8

Platform:  x64 Windows 11 (Home), 10.0.22631.2715 (ReleaseId: 2009, 23H2), Service Pack: 0
Time:      27.11.2023 - 20:17 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    27539 MiB Free. Loading RAM (17 %), CPU (6 %)
Elevated:  Yes
Ran by:    doguk    (group: Administrators; type: Microsoft) on COMOLOKO, FirstRun: yes

Chrome:  119.0.6045.160
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path
   7  C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe
   1  C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
   2  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm_service.exe
   1  C:\Program Files (x86)\LightingService\LightingService.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
   1  C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
   2  C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
   1  C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
   1  C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
   1  C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
   2  C:\Program Files\COMODO\COMODO Internet Security\cis.exe
   2  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
   6  C:\Users\doguk\AppData\Local\Discord\app-1.0.9024\Discord.exe
   1  C:\Users\doguk\OneDrive\Masaüstü\Yeni klasör\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  82  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [Discord] = C:\Users\doguk\AppData\Local\Discord\Update.exe --processStart Discord.exe (sign: 'Discord Inc.')
O4 - HKCU\..\Run: [EnlistedLauncher] = C:\Users\doguk\AppData\Local\Enlisted\launcher.exe (sign: 'Gaijin Network Ltd')
O4 - HKCU\..\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm.exe autoStart (sign: 'AO Kaspersky Lab')
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2023/11/26) (sign: 'PIRIFORM SOFTWARE LIMITED')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_5367AD2360CD75088E44BA6407378E06] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/11/16) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (sign: 'Comodo Security Solutions, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O17 - DHCP DNS 1: 156.154.70.25
O17 - DHCP DNS 2: 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{78e4b3fc-f3c7-4b33-bc9a-4a244ff41325}: [NameServer] = 156.154.70.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{78e4b3fc-f3c7-4b33-bc9a-4a244ff41325}: [NameServer] = 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{c95e19dc-15ce-4eb4-aba2-0ae0a5eea7e4}: [NameServer] = 156.154.70.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{c95e19dc-15ce-4eb4-aba2-0ae0a5eea7e4}: [NameServer] = 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{ea1b626e-cb10-4b6f-87c7-e52a47ecf8c3}: [NameServer] = 198.51.100.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ea1b626e-cb10-4b6f-87c7-e52a47ecf8c3}: [NameServer] = 198.51.100.2
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\Windows\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --telemetry (sign: 'Comodo Security Solutions, Inc.')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1da187ea61f54e2 - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe --delay (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\NoiseCancelingEngine - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (sign: 'Comodo Security Solutions, Inc.')
O22 - Tasks: \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing)
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4bd360ea-85fb-4f23-9df1-b2a09a03ed38" --version "6.18.10838" --silent (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerSkipUAC - doguk - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: EOSv3 Scheduler onLogOn - C:\Users\doguk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (sign: 'ESET, spol. s r.o.')
O22 - Tasks: EOSv3 Scheduler onTime - C:\Users\doguk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (sign: 'ESET, spol. s r.o.')
O22 - Tasks: GoogleUpdateTaskMachineCore{DCC51E82-656C-4457-94C2-E5504ED205CF} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{D2BB7FB6-8625-4125-BF63-48BB3778D94F} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Asus Certificate Service - (AsusCertService) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (sign: 'Comodo Security Solutions, Inc.')
O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc (sign: 'Comodo Security Solutions, Inc.')
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Kaspersky Hizmeti 21.15 - (AVP21.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: Kaspersky Password Manager 23.2 Service - (kpm_service_23.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm_service.exe (sign: 'AO Kaspersky Lab')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'Microsoft')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" (sign: 'NVIDIA Corporation')
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK Computer Inc.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.15 - (KSDE5.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.15\ksde.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc (sign: 'Microsoft')
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S3: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (sign: 'Comodo Security Solutions, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\119.0.6045.160\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.15 - (klvssbridge64_21.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc (sign: 'Microsoft')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R: ASUS Kernel Mode Driver for NT  - C:\Windows\system32\drivers\IOMap64.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-15_arkmon - C:\Windows\System32\Drivers\klupd_K4W-21-15_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-15_klbg - C:\Windows\System32\Drivers\klupd_K4W-21-15_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Asusgio3 - C:\Windows\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: COMODO Internet Security Eradication Driver - (cmderd) - C:\Windows\System32\DRIVERS\cmderd.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Firewall Driver - (inspect) - C:\Windows\system32\DRIVERS\inspect.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Helper Driver - (cmdhlp) - C:\Windows\system32\DRIVERS\cmdhlp.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Sandbox Driver - (cmdGuard) - C:\Windows\system32\DRIVERS\cmdguard.sys (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: CTIAIO - C:\Windows\system32\drivers\CtiAIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver.K4W-21-15 - (KLIF.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-15 - (klpd.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-15 - (klflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-15 - (klbackupdisk.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-15 - (klbackupflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-15 - (klkbdflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-15 - (klpnpflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-15 - (klgse.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver.K4W-21-15 - (klhk.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwtp.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R2: MBAMChameleon - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw10) - C:\Windows\System32\drivers\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4f7e1b9cd53fcb37\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-15 - (klmouflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky VPN - (kltun) - C:\Windows\system32\DRIVERS\kltun.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids.K4W-21-15 - C:\ProgramData\Kaspersky Lab\AVP21.15\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-15_klark - C:\Windows\System32\Drivers\klupd_K4W-21-15_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-15_mark - C:\Windows\System32\Drivers\klupd_K4W-21-15_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMWebProtection - C:\Windows\system32\DRIVERS\mwac.sys (sign: 'Malwarebytes Inc.')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\Windows\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'Nvidia Corporation')
O23 - Driver S1: epp - C:\EEK\bin64\epp.sys (file missing)
O23 - Driver S3: cpuz158 - C:\Windows\temp\cpuz158\cpuz158_x64.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'inspect'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'kltun'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwfp.K4W-21-15'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp.K4W-21-15'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw10'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'


--
End of file - Time spent: 21 sec. - 67716 bytes, CRC32: FFFFFFFF. Sign: 쫕†

Code:
Logfile of HijackThis+ by Alex Dragokas, build 2023-11-27 Alpha v.3.3.0.8

Platform: x64 Windows 11 (Home), 10.0.22631.2715 (ReleaseId: 2009, 23H2), Service Pack: 0
Time: 27.11.2023 - 20:17 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 27539 MiB Free. Loading RAM (17 %), CPU (6 %)
Elevated: Yes.
Ran by: doguk (group: Administrators; type: Microsoft) on COMOLOKO, FirstRun: yes.

Chrome: 119.0.6045.160
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path.
 7 C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
 1 C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
 1 C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
 1 C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe
 1 C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
 1 C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe
 1 C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe
 2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avp.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avpui.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm_service.exe
 1 C:\Program Files (x86)\LightingService\LightingService.exe
 6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe
 1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 1 C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
 1 C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
 2 C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
 1 C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
 1 C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
 1 C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
 1 C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
 1 C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
 1 C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
 1 C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
 2 C:\Program Files\COMODO\COMODO Internet Security\cis.exe
 2 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
 3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
 1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
 1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxOutlook.exe
 1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21740.0_x64__8wekyb3d8bbwe\HxTsr.exe
 1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23092.158.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
 6 C:\Users\doguk\AppData\Local\Discord\app-1.0.9024\Discord.exe
 1 C:\Users\doguk\OneDrive\Masaüstü\Yeni klasör\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 1 C:\Windows\System32\AggregatorHost.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 3 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\dasHost.exe
 2 C:\Windows\System32\dllhost.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 1 C:\Windows\System32\rundll32.exe
 5 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 82 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\unsecapp.exe
 1 C:\Windows\System32\wbem\WMIADAP.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\System32\wlanext.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [Discord] = C:\Users\doguk\AppData\Local\Discord\Update.exe --processStart Discord.exe (sign: 'Discord Inc.')
O4 - HKCU\..\Run: [EnlistedLauncher] = C:\Users\doguk\AppData\Local\Enlisted\launcher.exe (sign: 'Gaijin Network Ltd')
O4 - HKCU\..\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm.exe autoStart (sign: 'AO Kaspersky Lab')
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2023/11/26) (sign: 'PIRIFORM SOFTWARE LIMITED')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_5367AD2360CD75088E44BA6407378E06] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/11/16) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] = C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (sign: 'Comodo Security Solutions, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O17 - DHCP DNS 1: 156.154.70.25
O17 - DHCP DNS 2: 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{78e4b3fc-f3c7-4b33-bc9a-4a244ff41325}: [NameServer] = 156.154.70.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{78e4b3fc-f3c7-4b33-bc9a-4a244ff41325}: [NameServer] = 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{c95e19dc-15ce-4eb4-aba2-0ae0a5eea7e4}: [NameServer] = 156.154.70.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{c95e19dc-15ce-4eb4-aba2-0ae0a5eea7e4}: [NameServer] = 156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{ea1b626e-cb10-4b6f-87c7-e52a47ecf8c3}: [NameServer] = 198.51.100.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ea1b626e-cb10-4b6f-87c7-e52a47ecf8c3}: [NameServer] = 198.51.100.2
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\Windows\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --telemetry (sign: 'Comodo Security Solutions, Inc.')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1da187ea61f54e2 - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe --delay (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\NoiseCancelingEngine - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (sign: 'Comodo Security Solutions, Inc.')
O22 - Tasks: \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (sign: 'Comodo Security Solutions, Inc')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing)
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4bd360ea-85fb-4f23-9df1-b2a09a03ed38" --version "6.18.10838" --silent (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerSkipUAC - doguk - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: EOSv3 Scheduler onLogOn - C:\Users\doguk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (sign: 'ESET, spol. s r.o.')
O22 - Tasks: EOSv3 Scheduler onTime - C:\Users\doguk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (sign: 'ESET, spol. s r.o.')
O22 - Tasks: GoogleUpdateTaskMachineCore{DCC51E82-656C-4457-94C2-E5504ED205CF} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{D2BB7FB6-8625-4125-BF63-48BB3778D94F} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Asus Certificate Service - (AsusCertService) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.27\atkexComSvc.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: COMODO Internet Security Helper Service - (CmdAgent) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (sign: 'Comodo Security Solutions, Inc.')
O23 - Service R2: COMODO Internet Security Protected Helper Service - (CmdAgentProt) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe /ProtectedSvc (sign: 'Comodo Security Solutions, Inc.')
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Kaspersky Hizmeti 21.15 - (AVP21.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: Kaspersky Password Manager 23.2 Service - (kpm_service_23.2) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm_service.exe (sign: 'AO Kaspersky Lab')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'Microsoft')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" (sign: 'NVIDIA Corporation')
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK Computer Inc.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Kaspersky VPN Secure Connection Hizmeti 5.15 - (KSDE5.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.15\ksde.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc (sign: 'Microsoft')
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S3: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (sign: 'Comodo Security Solutions, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\119.0.6045.160\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.15 - (klvssbridge64_21.15) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc (sign: 'Microsoft')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R: ASUS Kernel Mode Driver for NT - C:\Windows\system32\drivers\IOMap64.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-15_arkmon - C:\Windows\System32\Drivers\klupd_K4W-21-15_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-15_klbg - C:\Windows\System32\Drivers\klupd_K4W-21-15_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Asusgio3 - C:\Windows\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: COMODO Internet Security Eradication Driver - (cmderd) - C:\Windows\System32\DRIVERS\cmderd.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Firewall Driver - (inspect) - C:\Windows\system32\DRIVERS\inspect.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Helper Driver - (cmdhlp) - C:\Windows\system32\DRIVERS\cmdhlp.sys (+safe mode) (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: COMODO Internet Security Sandbox Driver - (cmdGuard) - C:\Windows\system32\DRIVERS\cmdguard.sys (sign: 'Comodo Security Solutions, Inc.')
O23 - Driver R1: CTIAIO - C:\Windows\system32\drivers\CtiAIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver.K4W-21-15 - (KLIF.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-15 - (klpd.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-15 - (klflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-15 - (klbackupdisk.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-15 - (klbackupflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-15 - (klkbdflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-15 - (klpnpflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-15 - (klgse.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver.K4W-21-15 - (klhk.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwtp.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps.K4W-21-15 - C:\Windows\system32\DRIVERS\K4W-21-15\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R2: MBAMChameleon - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü - (Netwtw10) - C:\Windows\System32\drivers\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4f7e1b9cd53fcb37\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-15 - (klmouflt.K4W-21-15) - C:\Windows\system32\DRIVERS\K4W-21-15\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky VPN - (kltun) - C:\Windows\system32\DRIVERS\kltun.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids.K4W-21-15 - C:\ProgramData\Kaspersky Lab\AVP21.15\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-15_klark - C:\Windows\System32\Drivers\klupd_K4W-21-15_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-15_mark - C:\Windows\System32\Drivers\klupd_K4W-21-15_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMWebProtection - C:\Windows\system32\DRIVERS\mwac.sys (sign: 'Malwarebytes Inc.')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1fea8972dc2f0a69\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\Windows\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'Nvidia Corporation')
O23 - Driver S1: epp - C:\EEK\bin64\epp.sys (file missing)
O23 - Driver S3: cpuz158 - C:\Windows\temp\cpuz158\cpuz158_x64.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'inspect'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klim6'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'kltun'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klwfp.K4W-21-15'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klwtp.K4W-21-15'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw10'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'.

--
End of file - Time spent: 21 sec. - 67716 bytes, CRC32: FFFFFFFF. Sign: 쫕†

Four weeks ago my computer was infected with a RAT and I did a clean install, but since the install some programs have not been working properly. For example, last night Discord closed itself twice for no reason, and today I got a crash in a game. Could you check whether there is a problem, please? Thank you very much in advance.
 
If you install this much security software, anything can happen :D There is no malware on the system; there is unnecessary security software. If you are using the paid version of Kaspersky, uninstall and delete all the other security tools and software.
 

I use Kaspersky Premium. I am doing what you said right now; I will use only Comodo Firewall and Kaspersky. Thank you for your valuable input.
 
Hello, for the past few days I have suspected that there is malware on my system, and on top of that performance has dropped. Even though I ran scans with several antivirus applications and deleted the viruses, Windows Defender says there are viruses and I cannot delete them. I completed all the steps, but I downloaded the old version; if that is going to be a problem I will download the new version. The log link is below, thanks.
Log


New Log: I had removed Malwarebytes, so I am posting a new log.
 
We do not recommend IObit products.
Fix this:

Code:
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\umutv\AppData\Local\Temp\F606B0BD-9525-11EE-9B4C-B42E99C02A15 -> DELETE (file missing)

Clean out the contents of this folder:
C:\Users\umutv\AppData\Local\Temp

Check these with VT; if there is no problem, no action is needed.
C:\Windows\System32\drivers\bthmodem.sys
C:\Windows\System32\drivers\BthA2dp.sys
C:\Windows\System32\drivers\bthhfenum.sys
 
Hello, sometimes the PC behaves abnormally. Namely, it stutters for no reason while starting up, as if the CPU were at around 99%. But that is not actually the case. From time to time the GPU was peaking. First we looked for the problem in Windows and could not find it, then we said it must be the Nvidia card's driver, but nothing turned up. Then it fixed itself, but it still does this from time to time. I thought I would try my luck in case it is a virus or something. By the way, I turned off Defender myself; Kaspersky is always running. I hate having things forced on me.
Code:
Logfile of HijackThis+ build 2023-12-15 Alpha v.3.3.0.9

Platform:  x64 Windows 10 (Pro), 10.0.19045.3693 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      16.12.2023 - 22:07 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    13774 MiB Free. Loading RAM (17 %), CPU (0 %)
Elevated:  Yes
Ran by:    TrigoteryX    (group: Administrators; type: Local) on E-8, FirstRun: yes

Chrome:  120.0.6099.110
Internet Explorer: 11.3636.19041.0
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
   1  C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
   1  C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   7  C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
   1  C:\Program Files (x86)\TxGameAssistant\AppMarket\QMEmulatorService.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
   1  C:\Users\TrigoteryX\Desktop\HiJackThis\HiJackThis.exe
   2  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\backgroundTaskHost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_1c10d14458c9dd59\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   6  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
  67  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SysWOW64\CtHdaSvc.exe
   1  C:\Windows\SysWOW64\dllhost.exe
   1  MemCompression
   1  Registry
   1  Secure System

O1 - Hosts: is empty
O1 - Hosts.ICS: 0.0.0.0 www.nyrexscript.com
O1 - Hosts.ICS: 0.0.0.0 nyrexscript.com
O1 - Hosts.ICS: 0.0.0.0 apathe.net
O1 - Hosts.ICS: 0.0.0.0 www.apathe.net
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.net
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.net
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.org
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.org
O1 - Hosts.ICS: 0.0.0.0 www.cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 cheatglobal.com
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.com
O1 - Hosts.ICS: 0.0.0.0 metin2bot.com
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.org
O1 - Hosts.ICS: 0.0.0.0 metin2bot.org
O1 - Hosts.ICS: 0.0.0.0 www.metin2bot.net
O1 - Hosts.ICS: 0.0.0.0 metin2bot.net
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.com
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.com
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.org
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.org
O1 - Hosts.ICS: 0.0.0.0 www.dreamfancy.net
O1 - Hosts.ICS: 0.0.0.0 dreamfancy.net
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.com
O1 - Hosts.ICS: 0.0.0.0 realitycheats.com
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.org
O1 - Hosts.ICS: 0.0.0.0 realitycheats.org
O1 - Hosts.ICS: 0.0.0.0 www.realitycheats.net
O1 - Hosts.ICS: 0.0.0.0 realitycheats.net
O1 - Hosts.ICS: 0.0.0.0 www.realui.com
O1 - Hosts.ICS: 0.0.0.0 realui.com
O1 - Hosts.ICS: 0.0.0.0 www.realui.org
O1 - Hosts.ICS: 0.0.0.0 realui.org
O1 - Hosts.ICS: 0.0.0.0 www.realui.net
O1 - Hosts.ICS: 0.0.0.0 realui.net
O1 - Hosts.ICS: 0.0.0.0 realui.app
O1 - Hosts.ICS: 0.0.0.0 www.help.realui.com
O1 - Hosts.ICS: 0.0.0.0 help.realui.com
O1 - Hosts.ICS: 0.0.0.0 www.help.realui.org
O1 - Hosts.ICS: 0.0.0.0 help.realui.org
O1 - Hosts.ICS: 0.0.0.0 www.help.realui.net
O1 - Hosts.ICS: 0.0.0.0 help.realui.net
O1 - Hosts.ICS: 0.0.0.0 www.linkisalt.net
O1 - Hosts.ICS: 0.0.0.0 linkisalt.net
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.com
O1 - Hosts.ICS: 0.0.0.0 artecheats.com
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.org
O1 - Hosts.ICS: 0.0.0.0 artecheats.org
O1 - Hosts.ICS: 0.0.0.0 www.artecheats.net
O1 - Hosts.ICS: 0.0.0.0 artecheats.net
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.com
O1 - Hosts.ICS: 0.0.0.0 samcheats.com
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.org
O1 - Hosts.ICS: 0.0.0.0 samcheats.org
O1 - Hosts.ICS: 0.0.0.0 www.samcheats.net
O1 - Hosts.ICS: 0.0.0.0 samcheats.net
O1 - Hosts.ICS: 0.0.0.0 leaguehell.net
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.net
O1 - Hosts.ICS: 0.0.0.0 leaguehell.com
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.com
O1 - Hosts.ICS: 0.0.0.0 leaguehell.org
O1 - Hosts.ICS: 0.0.0.0 www.leaguehell.org
O1 - Hosts.ICS: 0.0.0.0 www.legendarycheats.net
O1 - Hosts.ICS: 0.0.0.0 www.legendarycheats.org
O1 - Hosts.ICS: 0.0.0.0 legendarycheats.net
O1 - Hosts.ICS: 0.0.0.0 legendarycheats.org
O1 - Hosts.ICS: 0.0.0.0 legendarycheats.org
O1 - Hosts.ICS: 0.0.0.0 8code.org
O1 - Hosts.ICS: 0.0.0.0 www.8code.org
O1 - Hosts.ICS: 185.199.110.133 raw.githubusercontent.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\120.0.6099.110\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/12/16) (not signed - Tonec Inc. - F575BA8062DEBCFEBA0D131D6A7050E4F7C03578)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (sign: 'Corsair Memory, Inc.')
O4-32 - HKLM\..\Run: [Sound Blaster Z-Series Control Panel] = C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe /r (not signed - Creative Technology Ltd - 6611EA37F6032ECF03E42D2A95584F5FF72112E5)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 3: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{012bb528-e4f4-4bb9-9489-f103c572e481}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{012bb528-e4f4-4bb9-9489-f103c572e481}: [NameServer] = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{012bb528-e4f4-4bb9-9489-f103c572e481}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{94000629-0c20-4a6b-a515-d502c1c27514}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{94000629-0c20-4a6b-a515-d502c1c27514}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ec69ef23-67e7-4a64-80a8-370ab4f08130}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ec69ef23-67e7-4a64-80a8-370ab4f08130}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{012BB528-E4F4-4BB9-9489-F103C572E481}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{012BB528-E4F4-4BB9-9489-F103C572E481}: [NameServer] = 192.168.1.1
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{012BB528-E4F4-4BB9-9489-F103C572E481}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{94000629-0C20-4A6B-A515-D502C1C27514}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{94000629-0C20-4A6B-A515-D502C1C27514}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{EC69EF23-67E7-4A64-80A8-370AB4F08130}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{EC69EF23-67E7-4A64-80A8-370AB4F08130}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O20 - HKLM\..\Winlogon\Notify\DfLogon: [DllName] = LogonDll.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Task (.job): update-S-1-5-21-4065357961-3247176416-3173248710-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) \Microsoft\Office\OfficeOsfInstaller - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \WiseCleaner\WRCSkipUAC - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe $UAC (sign: 'Lespeed Technology Co., Ltd')
O22 - Tasks: (disabled) AVeeScreenRecorder_UpdateSchedule - C:\Program Files (x86)\AVeeSoft LLC\AVee Screen Recorder\AVeeScreenRecorder.exe updsch (sign: 'Vandana Gupta')
O22 - Tasks: (disabled) Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'Kaspersky Lab JSC')
O22 - Tasks: (disabled) klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=7 (not signed - no company - 745559FF74A560957B438DBD3287D1054A76B68B)
O22 - Tasks: (disabled) NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (disabled) OneDrive Reporting Task-S-1-5-21-4065357961-3247176416-3173248710-1001 - C:\Users\TrigoteryX\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks: (disabled) Opera scheduled Autoupdate 1701613163 - C:\Users\TrigoteryX\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: (disabled) update-S-1-5-21-4065357961-3247176416-3173248710-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O22 - Tasks: (disabled) update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft')
O22 - Tasks: GoogleUpdateTaskMachineCore{40B67FCA-D5DD-46C4-B0F3-EC866FE1346B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{9D96DB9E-660A-4ADF-8C05-DC82297EE851} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O23 - Service R2: Corsair Service - (CorsairService) - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (sign: 'Corsair Memory, Inc.')
O23 - Service R2: Microsoft Office Tıkla-Çalıştır Hizmeti - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_1c10d14458c9dd59\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_1c10d14458c9dd59\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'Microsoft')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" (sign: 'NVIDIA Corporation')
O23 - Service R2: QMEmulatorService - C:\Program Files (x86)\TxGameAssistant\AppMarket\QMEmulatorService.exe (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Service R2: Sound Blaster Audio Service - (CtHdaSvc) - C:\Windows\sysWow64\CtHdaSvc.exe (sign: 'Microsoft')
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\120.0.6099.110\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe (sign: 'Kaspersky Lab JSC')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_arkmon - C:\Windows\System32\Drivers\klupd_klif_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_klbg - C:\Windows\System32\Drivers\klupd_klif_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: nldrv - C:\Windows\system32\drivers\nldrv.sys (sign: 'Microsoft' - Locktime Software)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver - (KLIF) - C:\Windows\system32\DRIVERS\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver - (klpd) - C:\Windows\system32\DRIVERS\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL - (klflt) - C:\Windows\system32\DRIVERS\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk - (klbackupdisk) - C:\Windows\system32\DRIVERS\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt - (klbackupflt) - C:\Windows\system32\DRIVERS\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt - (klpnpflt) - C:\Windows\system32\DRIVERS\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver - (klgse) - C:\Windows\system32\DRIVERS\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver - (klhk) - C:\Windows\system32\DRIVERS\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk - C:\Windows\system32\DRIVERS\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp - C:\Windows\system32\DRIVERS\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: KLwtp - WFP callout traffic inspector - (klwtp) - C:\Windows\system32\DRIVERS\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps - C:\Windows\system32\DRIVERS\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R2: aow_drv - C:\Program Files (x86)\TxGameAssistant\UI\3.21.4873.80\aow_drv_x64_ev.sys (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver R2: CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys (sign: 'Microsoft' - Corsair Memory, Inc.)
O23 - Driver R2: IDMWFP - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (invalid sign: CERT_E_CHAINING)
O23 - Driver R3: AMD I2C Controller Service - (amdi2c) - C:\Windows\System32\drivers\amdi2c.sys (+safe mode) (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: Corsair Bus - (CorsairVBusDriver) - C:\Windows\System32\drivers\CorsairVBusDriver.sys (sign: 'Microsoft' - Corsair)
O23 - Driver R3: Corsair virtual device - (CorsairVHidDriver) - C:\Windows\System32\drivers\CorsairVHidDriver.sys (sign: 'Microsoft' - Corsair)
O23 - Driver R3: Intel(R) PCI Express Network Connection Driver R - (e2fexpress) - C:\Windows\System32\DriverStore\FileRepository\e2f68.inf_amd64_6f3569c398020b3a\e2f68.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLKBDFLT - (klkbdflt) - C:\Windows\system32\DRIVERS\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky Lab KLMOUFLT - (klmouflt) - C:\Windows\system32\DRIVERS\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids - C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_1c10d14458c9dd59\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\Windows\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: ovpn-dco - C:\Windows\System32\drivers\ovpn-dco.sys (sign: 'Microsoft' - OpenVPN, Inc)
O23 - Driver R3: Sound Blaster Audio Controller Driver - (cthdb) - C:\Windows\system32\DRIVERS\cthdb.sys (sign: 'Creative Technology Ltd')
O23 - Driver R3: Sound Blaster Audio Driver - (cthda) - C:\Windows\system32\drivers\cthda.sys (sign: 'Creative Technology Ltd')
O23 - Driver R3: TAP-Windows Adapter V9 - (tap0901) - C:\Windows\System32\drivers\tap0901.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S3: Corsair Gaming Audio Service - (CorsairGamingAudioService) - C:\Windows\System32\drivers\CorsairGamingAudio64.sys (sign: 'Microsoft' - Corsair Memory, Inc.)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: klupd_klif_klark - C:\Windows\System32\Drivers\klupd_klif_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver S3: klupd_klif_mark - C:\Windows\System32\Drivers\klupd_klif_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver S3: PrivadoVPNSplitTunneling - C:\Windows\system32\DRIVERS\PrivadoVPNSplitTunneling.sys (sign: 'Privado Networks LLC')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'e2fexpress'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tap0901'


--
End of file - Time spent: 11,6 sec. - 55752 bytes, CRC32: FFFFFFFF. Sign: 試꿕
 
The hosts file has been modified; replace it with the original.

Fix these:
Code:
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\120.0.6099.110\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/12/16) (not signed - Tonec Inc. - F575BA8062DEBCFEBA0D131D6A7050E4F7C03578)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [CORSAIR iCUE Software] = C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (sign: 'Corsair Memory, Inc.')
O20 - HKLM\..\Winlogon\Notify\DfLogon: [DllName] = LogonDll.dll (file missing)
Your Sound Blaster driver is not original; download it from the correct source.
Uninstall Wise Registry.
Uninstall the unnecessary Asus software.
Update your internet drivers.

Apart from these, there is nothing malicious.
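A first-pass triage of a log in this format can be scripted so the reviewer starts from the entries that stand out. The following is an added example, not part of any post in this thread and not HijackThis code: it parses `O<n>` lines and lists entries worth a manual look (hosts redirects to a real address, Defender "Disable*" policies, missing files, unsigned or badly signed binaries). The sample lines are copied from the log above; the function names, the sink-address list and the plain `Hosts:` variant are assumptions of this sketch, and a flagged entry is a prompt for review, not a verdict.

```python
import re

# Sample input: a handful of lines copied from the log posted above.
SAMPLE_LOG = r"""
O1 - Hosts.ICS: 0.0.0.0 www.8code.org
O1 - Hosts.ICS: 185.199.110.133 raw.githubusercontent.com
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O20 - HKLM\..\Winlogon\Notify\DfLogon: [DllName] = LogonDll.dll (file missing)
O22 - Tasks: (disabled) klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=7 (not signed - no company - 745559FF74A560957B438DBD3287D1054A76B68B)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (invalid sign: CERT_E_CHAINING)
"""

LINE_RE = re.compile(r"^(O\d+)(-32)? - (.*)$")
# "Hosts.ICS:" is the form seen in this log; plain "Hosts:" is assumed as a variant.
HOSTS_RE = re.compile(r"^Hosts(?:\.ICS)?: (\S+) (\S+)$")
POLICY_RE = re.compile(r"^Policy: (?:\(\w+\) )?(.+): \[(\w+)\] = (\S+)$")

# Addresses that only block a name (assumed list for this sketch).
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::1"}

# Status markers HijackThis appends to an entry, as they appear in the log above.
STATUS_MARKERS = {
    "(file missing)": "target file is missing",
    "(not signed": "binary is not signed",
    "(invalid sign": "signature failed validation",
}


def parse_line(line):
    """Split one log line into section id, 32-bit view flag and body."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # header, blank line or footer
    return {"section": m.group(1), "wow64": bool(m.group(2)), "body": m.group(3)}


def review_reasons(entry):
    """Return the reasons (possibly none) an entry deserves a manual look."""
    body, reasons = entry["body"], []
    if entry["section"] == "O1":
        h = HOSTS_RE.match(body)
        # A hosts line that points a name at a routable address overrides DNS.
        if h and h.group(1) not in SINK_ADDRESSES:
            reasons.append(f"hosts entry maps {h.group(2)} to {h.group(1)}")
    if entry["section"] == "O7":
        p = POLICY_RE.match(body)
        if (p and "Windows Defender" in p.group(1)
                and p.group(2).startswith("Disable") and p.group(3) == "1"):
            reasons.append(f"Defender policy {p.group(2)} is set")
    for marker, meaning in STATUS_MARKERS.items():
        if marker in body:
            reasons.append(meaning)
    return reasons


def triage(log_text):
    """Return [(section, reasons)] for every entry that has at least one reason."""
    findings = []
    for raw in log_text.splitlines():
        entry = parse_line(raw)
        if entry:
            reasons = review_reasons(entry)
            if reasons:
                findings.append((entry["section"], reasons))
    return findings


if __name__ == "__main__":
    for section, reasons in triage(SAMPLE_LOG):
        print(section, "->", "; ".join(reasons))
```
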
 
