HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis+ (Plus) build 2024-02-08 Alpha v.3.4.0.4

Platform:  x64 Windows 11 (Home), 10.0.22631.3155 (ReleaseId: 2009, 23H2), Service Pack: 0
Time:      18.02.2024 - 02:15 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    12175 MiB Free. Loading RAM (27 %), CPU (2 %)
Elevated:  Yes
Ran by:    ozden    (group: Administrators; type: Microsoft) on YUNUS, FirstRun: no

Chrome:  121.0.6167.185
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   7  C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe
   1  C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\DCCPIPCtrlWnd.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\DesktopParts.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\FloatingMenu.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDCCBackGroundService.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDisplayControlCenterService.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\MousePositioningWnd.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\PrintAssitWnd.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\WndMsgHelper.exe
   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\x64\DCCDataHelper.exe
   1  C:\Program Files (x86)\LightingService\LightingService.exe
   1  C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
   1  C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
   1  C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
   1  C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
   2  C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
   1  C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
   1  C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.14001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.14001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2312.18.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24012.92.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
   1  C:\Users\ozden\AppData\Local\0install.net\implementations\sha256new_4JQWXZLCXCDXSTR2PYERT5XUXNT5ONOJYSERFTMRGS3Y7HK3Q5FQ\DeepL.exe
   5  C:\Users\ozden\AppData\Local\0install.net\implementations\sha256new_I3XEOP5HY3X6SEQ2EJEOEHJDVNO4CIOO67ZCT3B6FVNYCZKGQRZQ\CefSharp.BrowserSubprocess.exe
   1  C:\Users\ozden\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
   1  C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\DataExchangeHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0398226.inf_amd64_c5d9587384e4b5ff\B398182\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0398226.inf_amd64_c5d9587384e4b5ff\B398182\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\msiexec.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  79  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\Run: [WallpaperEngine] = C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe -silent (sign: 'Skutta, Kristjan')
O4 - HKCU\..\StartupApproved\Run: [Boom 3D] = "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" --tray (file missing) (2023/10/22)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\ozden\AppData\Local\Discord\Update.exe --processStart Discord.exe (2023/04/24) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2023/04/26) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2023/04/25) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [LenovoVantage] = C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.23\LenovoVantage.exe (file missing) (2023/10/22)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_9450EFF727EDCC536AF9F7B3B19BB836] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/04/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [ProtonVPN] = C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe (file missing) (2023/09/17)
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (file missing) (2023/06/19)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/04/24) (sign: 'Valve Corp.')
O4 - HKLM\..\StartupApproved\Run: [Cm108BSound] = C:\Program Files\Xear Audio Center\CPL\FaceLift_x64.exe /h /d (2023/04/25) (not signed - no company - BB8CF2A206888AC397ABAB73DA7F5C580110D875)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe -background (2023/04/25) (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2023/12/23) (sign: 'SteelSeries ApS')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - Startup: C:\Users\ozden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk    ->    C:\Users\ozden\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe (not signed - no company - FE3ABCDC59CD077ECF316CDDBA14D0B95C240951)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\Armoury Crate Service Task_CountDown - C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe --delay (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\NoiseCancelingEngine - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\Windows\system32\ImController.InfInstaller.exe -checkremoval (sign: 'Lenovo')
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\Windows\system32\sc.exe START ImControllerService (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore{87905B77-7330-4B23-BFF4-127D16C4DF9D} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{B21CD2F9-9344-4649-83B4-7868AEA5A688} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: GPU Tweak III - C:\Program Files (x86)\ASUS\GPUTweakIII\GPU Tweak III.exe (file missing)
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2379456876-2201890296-3404235585-1001 - C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0398226.inf_amd64_c5d9587384e4b5ff\B398182\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.14001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.14001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Lenovo Display Control Center Service - (LenovoDisplayControlCenterService) - C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDCCBackGroundService.exe (sign: 'Lenovo (Beijing) Limited')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (sign: 'Samsung Electronics CO., LTD.')
O23 - Service R2: SAMSUNG Mobile Connectivity Service V2 - (ss_conn_service2) - C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (sign: 'Samsung Electronics CO., LTD.')
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (sign: 'Lenovo')
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusROGLSLService Download ROGLSLoader - (AsusROGLSLService) - C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe -runservice (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK Computer Inc.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: FileSyncHelper - C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\121.0.6167.185\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky VPN Secure Connection Hizmeti 5.3 - (KSDE5.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service S3: OneDrive Updater Service - C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: SteelSeries GG Update Service Proxy - (SteelSeriesGGUpdateServiceProxy) - C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe (sign: 'SteelSeries ApS')
O23 - Driver R: ASUS Kernel Mode Driver for NT  - C:\Windows\system32\drivers\IOMap64.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\Windows\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R1: AsUpIO - C:\Windows\SysWow64\drivers\AsUpIO.sys (sign: 'ASUSTeK Computer Inc.')
O23 - Driver R1: Asusgio2 - C:\Windows\system32\drivers\AsIO2.sys (sign: 'ASUSTeK Computer Inc.')
O23 - Driver R1: Asusgio3 - C:\Windows\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: CTIAIO - C:\Windows\system32\drivers\CtiAIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R1: Steam Xbox Controller Enhanced Features Driver - (steamxbox) - C:\Windows\System32\drivers\steamxbox.sys (sign: 'Valve Corp.')
O23 - Driver R2: AMDRyzenMasterDriverV22 - C:\Windows\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\drivers\amdfendr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\drivers\amdfendrmgr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\Windows\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\Windows\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: amduw23g - C:\Windows\System32\DriverStore\FileRepository\u0398226.inf_amd64_c5d9587384e4b5ff\B398182\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Kaspersky Security Data Escort Adapter - (kltap) - C:\Windows\System32\drivers\kltap.sys (+safe mode) (sign: 'AnchorFree Inc')
O23 - Driver R3: Logitech Translation Layer Driver - (WmXlCore) - C:\Windows\system32\drivers\WmXlCore.sys (sign: 'Logitech')
O23 - Driver R3: Logitech Virtual Bus Enumerator Driver - (WmBEnum) - C:\Windows\system32\drivers\WmBEnum.sys (sign: 'Logitech')
O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_92b2eef9fcc25565\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: SteelSeries Device Factory Service - (ssdevfactory) - C:\Windows\System32\drivers\ssdevfactory.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries HID Service - (sshid) - C:\Windows\System32\drivers\sshid.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries Sonar Driver - (SteelSeries_Sonar_VAD) - C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys (sign: 'SteelSeries ApS')
O23 - Driver R3: USB Audio Class 1.0 and 2.0 Device Driver - (CMUAC) - C:\Windows\System32\drivers\CMUAC.sys (not signed - C-MEDIA - 6DCED93062311367A2D852961F138F7CFB044052)
O23 - Driver S2: rt25cx21 - (IDMWFP) - C:\Windows\System32\drivers\idmwfp.sys (file missing)
O23 - Driver S3: cpuz152 - C:\Windows\temp\cpuz152\cpuz152_x64.sys (sign: 'Microsoft' - CPUID)
O23 - Driver S3: cpuz154 - C:\Windows\temp\cpuz154\cpuz154_x64.sys (file missing)
O23 - Driver S3: cpuz157 - C:\Windows\temp\cpuz157\cpuz157_x64.sys (file missing)
O23 - Driver S3: EAAntiCheat - C:\Windows\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Logitech Gaming HID Filter Driver - (WmFilter) - C:\Windows\system32\drivers\WmFilter.sys (sign: 'Logitech')
O23 - Driver S3: Logitech Virtual Hid Device Driver - (WmVirHid) - C:\Windows\system32\drivers\WmVirHid.sys (sign: 'Logitech')
O23 - Driver S3: SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: TAP-Windows Adapter V9 - (tap0901) - C:\Windows\System32\drivers\tap0901.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S3: WireGuard - C:\Windows\System32\drivers\wireguard.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'kltap'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tap0901'
O27 - Account: (AutoLogon) HKLM\..\Winlogon: YUNUS\ozden (type: Microsoft)


--
End of file - Time spent: 4,5 sec. - 58884 bytes, CRC32: FFFFFFFF. Sign: 䣍⵽

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\Run: [WallpaperEngine] = C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe -silent (sign: 'Skutta, Kristjan')
O4 - HKCU\..\StartupApproved\Run: [Boom 3D] = "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" --tray (file missing) (2023/10/22)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\ozden\AppData\Local\Discord\Update.exe --processStart Discord.exe (2023/04/24) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2023/04/26) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2023/04/25) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [LenovoVantage] = C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.23\LenovoVantage.exe (file missing) (2023/10/22)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_9450EFF727EDCC536AF9F7B3B19BB836] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/04/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [ProtonVPN] = C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe (file missing) (2023/09/17)
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (file missing) (2023/06/19)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - Startup: C:\Users\ozden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk    ->    C:\Users\ozden\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe (not signed - no company - FE3ABCDC59CD077ECF316CDDBA14D0B95C240951)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: GPU Tweak III - C:\Program Files (x86)\ASUS\GPUTweakIII\GPU Tweak III.exe (file missing)
O22 - Tasks: OneDrive Per-Machine Standalone Update Task - C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2379456876-2201890296-3404235585-1001 - C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service S2: AsusUpdateCheck - C:\Windows\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK Computer Inc.')
O23 - Service S3: OneDrive Updater Service - C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Driver R3: USB Audio Class 1.0 and 2.0 Device Driver - (CMUAC) - C:\Windows\System32\drivers\CMUAC.sys (not signed - C-MEDIA - 6DCED93062311367A2D852961F138F7CFB044052)
O23 - Driver S3: cpuz152 - C:\Windows\temp\cpuz152\cpuz152_x64.sys (sign: 'Microsoft' - CPUID)
O23 - Driver S3: cpuz154 - C:\Windows\temp\cpuz154\cpuz154_x64.sys (file missing)
O23 - Driver S3: cpuz157 - C:\Windows\temp\cpuz157\cpuz157_x64.sys (file missing)

1  C:\Program Files (x86)\AnyDesk\AnyDesk.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
   1  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  19  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe
   1  C:\Program Files\Avast Software\Avast\aswEngSrv.exe
   1  C:\Program Files\Avast Software\Avast\aswidsagent.exe
   1  C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
   1  C:\Program Files\Avast Software\Avast\AvastSvc.exe
   3  C:\Program Files\Avast Software\Avast\AvastUI.exe
   1  C:\Program Files\Avast Software\Avast\wsc_proxy.exe
   1  C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24012.86.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
   1  C:\Users\PC\AppData\Local\Programs\Manager\Manager.exe
   2  C:\Users\PC\AppData\Local\Programs\phBot Testing\phBot.exe
   1  C:\Users\PC\OneDrive\Desktop\Yeni klasör\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  71  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   2  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://vvv.joygame.com/games.aspx?g=2001
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (sign: 'IObit Information Technology')
O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll (sign: 'McAfee, LLC')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll (sign: 'McAfee, LLC')
O4 - HKCU\..\Run: [SepetTakip] = C:\SepetTakip\SepetTakip.exe (sign: 'SEPETTAKİP YAZILIM TEKNOLOJİLERİ ANONİM ŞİRKETİ')
O4 - HKCU\..\StartupApproved\Run: [AkisSIL.exe] = C:\Program Files (x86)\Palma\AkisSIL.exe (file missing) (2023/08/14)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\PC\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/04/28) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2022/04/28) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = "C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (file missing) (2022/04/28)
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2023/09/27) (sign: 'Riot Games, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/04/28) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui (sign: 'Avast Software s.r.o.')
O4 - HKLM\..\Run: [SACMonitor] = C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe (sign: 'GEMALTO SA')
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2022/12/12) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2022/07/10) (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (2022/07/10) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk    ->    C:\Program Files (x86)\AnyDesk\AnyDesk.exe --control (2023/08/14) (sign: 'AnyDesk Software GmbH')
O4-32 - HKLM\..\Run: [phBot Manager] = C:\Users\PC\AppData\Local\Programs\Manager\Manager.exe --delay 0 (invalid sign: CERT_E_CHAINING - ProjectHax LLC - E3F440D60838C1BDEF90A8D3B27C608BD560415F)
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O5 - Applet: C:\Windows\System32\RTSnMg64.cpl (sign: 'Realtek Semiconductor Corp.')
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll (sign: 'McAfee, LLC')
O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll (sign: 'McAfee, LLC')
O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll (sign: 'McAfee, LLC')
O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll (sign: 'McAfee, LLC')
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8798dee6-ec8d-4d43-8c18-690642da8a1b}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8798dee6-ec8d-4d43-8c18-690642da8a1b}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O20 - HKLM\..\Winlogon\Notify\ScCertProp: [DllName] = (no file)
O20-32 - HKLM\..\Winlogon\Notify\ScCertProp: [DllName] = (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\ashShell.dll (sign: 'Avast Software s.r.o.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\x86\ashShell.dll (sign: 'Avast Software s.r.o.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\PC\AppData\Local\Microsoft\OneDrive\22.166.0807.0002\i386\FileSyncShell.dll (file missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (sign: 'Microsoft')
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery EngagedRebootReminder (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-2495721802-3370218499-185983138-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: (disabled) AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices, Inc.')
O22 - Tasks: (disabled) AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (not signed - Advanced Micro Devices, Inc. - 3B60E907C2E965E808C743030A004E61EA388D43)
O22 - Tasks: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: (disabled) GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: (disabled) ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices, Inc.')
O22 - Tasks: (disabled) OneDrive Reporting Task-S-1-5-21-2495721802-3370218499-185983138-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks: (disabled) OneDrive Reporting Task-S-1-5-21-2495721802-3370218499-185983138-1002 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks: (disabled) OneDrive Standalone Update Task-S-1-5-21-2495721802-3370218499-185983138-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks: (disabled) OneDrive Standalone Update Task-S-1-5-21-2495721802-3370218499-185983138-1002 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks: (disabled) StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: (disabled) StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices, Inc.')
O22 - Tasks: (disabled) StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices, Inc.')
O22 - Tasks: (disabled) StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices, Inc.')
O22 - Tasks: (disabled) Uninstaller_SkipUac_PC - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer (file missing)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (sign: 'Avast Software s.r.o.')
O22 - Tasks: Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (sign: 'Avast Software s.r.o.')
O23 - Service R2: AnyDesk Service - (AnyDesk) - C:\Program Files (x86)\AnyDesk\AnyDesk.exe --service (sign: 'AnyDesk Software GmbH')
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc (sign: 'Avast Software s.r.o.')
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc (sign: 'Avast Software s.r.o.')
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver (sign: 'Avast Software s.r.o.')
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe (sign: 'Avast Software s.r.o.')
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe Files (x86)\IObit\IObit Uninstaller\IUService.exe (file missing)
O23 - Service S3: Chrome Uzaktan Masaüstü Hizmeti - (chromoting) - C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json" (sign: 'Google LLC')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.111\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R0: aswArDisk - C:\Windows\system32\drivers\aswArDisk.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswbidsh - C:\Windows\system32\drivers\aswbidsh.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswbuniv - C:\Windows\system32\drivers\aswbuniv.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswRvrt - C:\Windows\system32\drivers\aswRvrt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswVmm - C:\Windows\system32\drivers\aswVmm.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswArPot - C:\Windows\system32\drivers\aswArPot.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswbidsdriver - C:\Windows\system32\drivers\aswbidsdriver.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswKbd - C:\Windows\system32\drivers\aswKbd.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswMonFlt - C:\Windows\system32\drivers\aswMonFlt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswNetHub - C:\Windows\system32\drivers\aswNetHub.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswRdr - C:\Windows\system32\drivers\aswRdr2.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswSnx - C:\Windows\system32\drivers\aswSnx.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswSP - C:\Windows\system32\drivers\aswSP.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R2: AMDRyzenMasterDriverV17 - C:\Program Files\AMD\CNext\CNext\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R2: AMDRyzenMasterDriverV22 - C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: aswStm - C:\Windows\system32\drivers\aswStm.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\system32\DRIVERS\amdfendr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\drivers\amdfendrmgr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\Windows\System32\drivers\amdgpio3.sys (invalid sign: CERT_E_CHAINING - Advanced Micro Devices, Inc - 97330ABC93899A7D3728032CAD6F2D817FBCA852)
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\Windows\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: amdwddmg - C:\Windows\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Audio Coprocessr Driver for DSP - (amdacpbus) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_f6a71d71a2f4928d\amdacpbus.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: WO Mic Driver - (WOVAD) - C:\Windows\System32\drivers\womic.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver S1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (not signed - Microsoft Corporation - 8C65FB4148E3017E9DD856D6E3BA56727EFF8715)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (not signed - Microsoft Corporation - 535BB930D78CE662B7AD9C080035C02AB98D9975)
O23 - Driver S3: Apple Lower Filter Driver - (AppleLowerFilter) - C:\Windows\System32\drivers\AppleLowerFilter.sys (sign: 'Microsoft' - Apple Inc.)
O23 - Driver S3: cpuz149 - C:\Windows\temp\cpuz149\cpuz149_x64.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: rsDwf - C:\Windows\system32\DRIVERS\rsDwf.sys (file missing)
O23 - Driver S3: xhunter1 - C:\Windows\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://vvv.joygame.com/games.aspx?g=2001
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (sign: 'IObit Information Technology')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2022/04/28) (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [phBot Manager] = C:\Users\PC\AppData\Local\Programs\Manager\Manager.exe --delay 0 (invalid sign: CERT_E_CHAINING - ProjectHax LLC - E3F440D60838C1BDEF90A8D3B27C608BD560415F)
O22 - Tasks: (disabled) Uninstaller_SkipUac_PC - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer (file missing)

Logfile of HiJackThis+ (Plus) build 2024-02-27 Alpha v.3.4.0.6

Platform: x64 Windows 11 (Pro), 10.0.22631.3235 (ReleaseId: 2009, 23H2), Service Pack: 0
Time: 06.03.2024 - 16:29 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 6085 MiB Free. Loading RAM (26 %), CPU (2 %)
Elevated: Yes
Ran by: Cem (group: Administrators; type: Local) on CEM, FirstRun: yes

Chrome: 122.0.6261.95
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
 2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
 1 C:\Users\Administrator\Desktop\a\HiJackThis.exe
 1 C:\Users\Administrator\Desktop\Tweaks\Programlar\ISLC v1.0.3.1\Intelligent standby list cleaner ISLC.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 2 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_bee333b3fb02dacb\OneApp.IGCC.WinService.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nvquig.inf_amd64_33d2d722e69d7e30\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_cd3d6bbb4022d961\RtkAudUService64.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 3 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smss.exe
 71 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\System32\wlanext.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2024/03/06) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2024/03/06) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2024/03/06) (not signed - Tonec Inc. - D374CFE3D5F78DCE341CA7644284C1995CC3014B)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/03/06) (sign: 'Valve Corp.')
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_cd3d6bbb4022d961\RtkAudUService64.exe -background (2024/03/05) (sign: 'Realtek Semiconductor Corp.')
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 0
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O17 - DHCP DNS 1: 45.90.28.125
O17 - DHCP DNS 2: 45.90.30.125
O17 - HKLM\System\CCS\Services\Tcpip\..\{d4428804-04f4-44e2-8d76-5ee81f1725a2}: [NameServer] = 45.90.28.125
O17 - HKLM\System\CCS\Services\Tcpip\..\{d4428804-04f4-44e2-8d76-5ee81f1725a2}: [NameServer] = 45.90.30.125
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4228A9B5-7D1B-4DE3-BF0F-5BAA8846079E} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7BD864C-0725-4FFA-9287-ADFEC8C8B366} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D734AFF9-3E13-45E3-AAFA-3FF9C320755E} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D0D563-5972-40FD-8E40-95175CCF5A94} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA9161C6-60A5-483F-9173-DD6D5873EF92} - (no key)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Reduce Memory 15min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 1min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 30min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 5min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 60min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_OobeAppReady - C:\Windows\system32\usoclient.exe StartOobeAppsScan (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob (file missing)
O22 - Tasks: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks: GoogleUpdateTaskMachineCore{FDFA25F2-8502-4D51-934C-E35091910FBD} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{6BCFA1D9-0AE4-47E1-BF06-E262109A77E9} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: Intelligent StandbyList Cleaner - C:\Users\Administrator\Desktop\Tweaks\Programlar\ISLC v1.0.3.1\Intelligent standby list cleaner ISLC.exe (sign: 'Wagnardsoft')
O22 - Tasks: NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: StartAllBack Update - C:\Program Files\StartAllBack\UpdateCheck.exe elevated (not signed - Microsoft Corporation - 81B5B130741D5DF2FECCD67BB6EDB1A9D08D48AA)
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_bee333b3fb02dacb\OneApp.IGCC.WinService.exe (sign: 'Intel Corporation')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvquig.inf_amd64_33d2d722e69d7e30\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvquig.inf_amd64_33d2d722e69d7e30\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA App\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_cd3d6bbb4022d961\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe (sign: 'Intel Corporation')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start (sign: 'Electronic Arts, Inc.')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Driver R2: IDMWFP - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü - (Netwtw10) - C:\Windows\System32\drivers\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: dptf_acpi - C:\Windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: igfx - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0e181bba89305c6\igdkmd64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Display Audio - (IntcDAud) - C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_amd64_718877413f6508de\IntcDAud.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_9668d272428b3212\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nvquig.inf_amd64_33d2d722e69d7e30\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek USB Card Reader - UER - (RTSUER) - C:\Windows\system32\Drivers\RtsUer.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\Windows\System32\drivers\bthmodem.sys (not signed - Microsoft Corporation - 4F9AFC33289DADF4FC78FC744B3B163810C7ECD1)
O23 - Driver S3: dptf_cpu - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: esif_lf - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Revoflt - C:\Windows\system32\DRIVERS\revoflt.sys (sign: 'Microsoft' - VS Revo Group)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw10'

--
End of file - Time spent: 20,7 sec. - 35074 bytes, CRC32: FFFFFFFF. Sign: 浢朱

O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2024/03/06) (not signed - Tonec Inc. - D374CFE3D5F78DCE341CA7644284C1995CC3014B)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4228A9B5-7D1B-4DE3-BF0F-5BAA8846079E} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7BD864C-0725-4FFA-9287-ADFEC8C8B366} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D734AFF9-3E13-45E3-AAFA-3FF9C320755E} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D0D563-5972-40FD-8E40-95175CCF5A94} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA9161C6-60A5-483F-9173-DD6D5873EF92} - (no key)
O22 - Tasks: \Microsoft\Reduce Memory 15min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 1min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 30min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 5min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: \Microsoft\Reduce Memory 60min.xml - C:\Windows\system32\EcMenu_x64.exe /Admin /ReduceMemory (not signed - vvv.sordum.org - 721E03A68539A11C72A0BE3849DBB34A4989E3FA)
O22 - Tasks: Intelligent StandbyList Cleaner - C:\Users\Administrator\Desktop\Tweaks\Programlar\ISLC v1.0.3.1\Intelligent standby list cleaner ISLC.exe (sign: 'Wagnardsoft')
O22 - Tasks: StartAllBack Update - C:\Program Files\StartAllBack\UpdateCheck.exe elevated (not signed - Microsoft Corporation - 81B5B130741D5DF2FECCD67BB6EDB1A9D08D48AA)