HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis+ (Plus) build 2024-03-24 Alpha v.3.4.0.8

Platform:  x64 Windows 11 (Pro), 10.0.22631.3374 (ReleaseId: 2009, 23H2), Service Pack: 0
Time:      07.04.2024 - 19:24 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    27603 MiB Free. Loading RAM (17 %), CPU (1 %)
Elevated:  Yes
Ran by:    ernes    (group: Administrators; type: Microsoft) on YAVINASPC1, FirstRun: yes

Chrome:  123.0.6312.106
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
   1  C:\Users\ernes\Desktop\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  83  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\vmcompute.exe
   1  C:\Windows\System32\vmms.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   2  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  vmmemCmZygote

O1 - Hosts.ICS: 172.29.160.1 yavinaspc1.mshome.net # 2029 4 5 6 16 20 15 936
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\StartupApproved\Run: [electron.app.BlueStacks Services] = C:\Users\ernes\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden (2023/10/15) (not signed - now.gg, Inc. - EE51CEB40195984D9227D40A3EA45AAB96E64910)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2022/04/07) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2022/10/26) (sign: 'GOG  sp. z o.o')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_8282BAA6D0285A9F061B646F3EC026B0] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2022/04/06) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/04/07) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [ut] = C:\Users\ernes\AppData\Roaming\utorrent\uTorrent.exe /MINIMIZED (2023/07/31) (sign: 'BitTorrent Inc')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ernes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk    ->    C:\Program Files\EqualizerAPO\config\Peace.exe (2023/06/11) (sign: 'Petrus Verbeek')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O5 - Applet: C:\WINDOWS\SysWOW64\PhysX.cpl (sign: 'NVIDIA Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{AEE18BB8-5FC1-4E99-9348-3D2EEB5EF6C5} - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O22 - Tasks: \HardDiskSentinel\Hard Disk Sentinel_ernes - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (not signed - H.D.S. Hungary - FEE46DACDD5B79F9245148064F72572A5D0E4887)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks: Cloud - C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe (file missing)
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'Kaspersky Lab JSC')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{6CEB26F2-88E0-4365-8487-67674A4A8B78} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{98A4CD2E-C1E7-48F7-8426-38400E4DE0EB} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks_Migrated: MicrosoftEdgeShadowStackRollbackTask - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\Installer\setup.exe --handle-crash="$(ProcessPath)" (file missing)
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: LightKeeperService - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Center Service - (MSI_Center_Service) - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Voice Control Service - (MSI_VoiceControl_Service) - C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Case_Service - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Companion_Service - C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Super_Charger_Service - C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Mystic_Light_Service - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater InternalService 125.0.6386.0 (GoogleUpdaterInternalService125.0.6386.0) - (GoogleUpdaterInternalService125.0.6386.0) - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 125.0.6386.0 (GoogleUpdaterService125.0.6386.0) - (GoogleUpdaterService125.0.6386.0) - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe (sign: 'GOG  sp. z o.o')
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (sign: 'GOG  sp. z o.o')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe (sign: 'Kaspersky Lab JSC')
O23 - Service S3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe (sign: 'Proton AG')
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files\Proton\VPN\v3.2.4\ProtonVPN.WireGuardService.exe "C:\ProgramData\ProtonVPN\WireGuard\ProtonVPN.conf" (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\WINDOWS\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_arkmon - C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_klbg - C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: CTIIO - C:\WINDOWS\system32\drivers\CtiIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\WINDOWS\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver - (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver - (klpd) - C:\WINDOWS\system32\DRIVERS\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL - (klflt) - C:\WINDOWS\system32\DRIVERS\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk - (klbackupdisk) - C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt - (klbackupflt) - C:\WINDOWS\system32\DRIVERS\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt - (klpnpflt) - C:\WINDOWS\system32\DRIVERS\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver - (klgse) - C:\WINDOWS\system32\DRIVERS\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver - (klhk) - C:\WINDOWS\system32\DRIVERS\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk - C:\WINDOWS\system32\DRIVERS\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp - C:\WINDOWS\system32\DRIVERS\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: KLwtp - WFP callout traffic inspector - (klwtp) - C:\WINDOWS\system32\DRIVERS\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps - C:\WINDOWS\system32\DRIVERS\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R2: AMDRyzenMasterDriverV20 - C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV22 - C:\WINDOWS\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: BlueStacks Hypervisor_nxt - (BlueStacksDrv_nxt) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys (sign: 'Microsoft' - Bluestack System Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw12) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\drivers\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\drivers\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: amduw23g - C:\WINDOWS\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_adbe1aba87fc1ba2\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLKBDFLT - (klkbdflt) - C:\WINDOWS\system32\DRIVERS\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky Lab KLMOUFLT - (klmouflt) - C:\WINDOWS\system32\DRIVERS\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids - C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_klark - C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_mark - C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: NTIOLib_CC_Clock - C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_COMM - C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_CPU - C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_MysticLight - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Realtek NetAdapter Driver - (rt25cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_9b52b3441bf62028\rt25cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: TAP-ProtonVPN Windows Adapter V9 - (tapprotonvpn) - C:\WINDOWS\System32\drivers\tapprotonvpn.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S3: ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit - (Netwtw10) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: amdwddmg - C:\WINDOWS\System32\DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\amdkmdag.sys (file missing)
O23 - Driver S3: EasyAntiCheat_EOSSys - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.sys (sign: 'EasyAntiCheat Oy')
O23 - Driver S3: gdrv3 - C:\WINDOWS\system32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver S3: HWiNFO Kernel Driver (v153) - (HWiNFO_153) - C:\Users\ernes\AppData\Local\Temp\HWiNFO64A_153.SYS (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: ProtonVPNCallout - C:\Program Files\Proton\VPN\v3.2.10\Resources\ProtonVPN.CalloutDriver.sys (+safe mode) (sign: 'Microsoft' - Proton Technologies AG)
O23 - Driver S3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: WinRing0_1_2_0 - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MODAPI.sys (sign: 'Noriyuki MIYAZAKI')
O23 - Driver S3: Wintun - (wintun) - C:\WINDOWS\System32\drivers\wintun.sys (+safe mode) (sign: 'Microsoft' - WireGuard LLC)
O23 - Driver S3: WireGuard - C:\WINDOWS\System32\drivers\wireguard.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw10'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw12'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPN Service'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPNCallout'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tapprotonvpn'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'wintun'


--
End of file - Time spent: 26,8 sec. - 65618 bytes, CRC32: FFFFFFFF. Sign: 褖镘

Logfile of HiJackThis+ (Plus) build 2024-03-24 Alpha v.3.4.0.8

Platform:  x64 Windows 10 (Pro), 10.0.19045.4170 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      15.04.2024 - 18:19 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    9492 MiB Free. Loading RAM (42 %), CPU (4 %)
Elevated:  Yes
Ran by:    sdr    (group: Administrators; type: Local) on SDR, FirstRun: yes

Chrome:  123.0.6312.122
Firefox: 121.0.0.8745
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
   1  C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files\Acer\NitroSense Service\PSAgent.exe
   1  C:\Program Files\Acer\NitroSense Service\PSSvc.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
  17  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2413.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_20.88.6001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_20.88.6001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxOutlook.exe
   1  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxTsr.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Program Files\WinRAR\WinRAR.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
   1  C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
   1  C:\Riot Games\Riot Client\RiotClientServices.exe
   1  C:\Users\sdr\AppData\Local\Temp\Rar$EXa3276.5821\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   3  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\DataExchangeHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
   1  C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxEMN.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_564a6f565b40bd5f\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f6ea1f36cd61d64f\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_52f3e1d0b5db2a3a\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_755bac9f4aed06d8\Intel_PIE_Service.exe
   3  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af528bf4464e0980\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\GamePowerDeviceService.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   9  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   2  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  83  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   2  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\WWAHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

O1 - Hosts: Reset contents to default
O1 - Hosts: 109.94.209.70 vvv.fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 127.0.0.1 checkhost.local
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepack.games # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirlrepack.games # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlpack.site # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirlpack.site # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.org # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirl-repack.org # Fake FitGirl site
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 genuine.adobe.com
O1 - Hosts: 127.0.0.1 prod.adobegenuine.com
O1 - Hosts: 127.0.0.1 lm-prd-da1.licenses.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 practivate-da1.adobe.com
O1 - Hosts: 127.0.0.1 uds.licenses.adobe.com
O1 - Hosts: 127.0.0.1 license.adobe.com
O1 - Hosts: 127.0.0.1 helpexamples.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.122\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [BingSvc] = C:\Users\kariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe (file missing) (2024/01/25)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1C2530A867A57E54A284432F803834D2] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2024/01/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\sdr\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2024/01/25) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [utweb] = "C:\Users\kariz\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (file missing) (2024/01/25)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (sign: 'Riot Games, Inc.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af528bf4464e0980\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (sign: 'SteelSeries ApS')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Windows\Temp\020fe1e0-650f-41af-ae03-85d8023448de.tmp -> DELETE
O4 - HKLM\..\StartupApproved\Run32: [Intel® Arc™ Control] = C:\Program Files\Intel\Intel Arc Control\ArcControl.exe /s (2024/01/25) (sign: 'Intel Corporation')
O4 - HKLM\..\StartupApproved\Run32: [TeamsMachineInstaller] = "C:\Program Files\Teams Installer\Teams.exe" --checkInstall --source=PROPLUS (file missing) (2024/01/25)
O4-32 - HKLM\..\Run: [GAMEPOWERAudioApp_x32.exe] = C:\Program Files (x86)\GAMEPOWER Audio\GAMEPOWERAudioApp_x32.exe -boot (sign: 'Solid State System Co., Ltd')
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (sign: 'Kilonova LLC')
O7 - KnownFolder: C:\Users\sdr\Documents (folder missing)
O7 - KnownFolder: C:\Users\sdr\Links (folder missing)
O7 - KnownFolder: C:\Users\sdr\Searches (folder missing)
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = C:\Users\kariz\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4} = C:\Users\kariz\Saved Games
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {56784854-C6CB-462B-8169-88E350ACB882} = C:\Users\kariz\Contacts
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Desktop = C:\Users\kariz\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Favorites = C:\Users\kariz\Favorites
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, My Music = C:\Users\kariz\Music
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, My Video = C:\Users\kariz\Videos
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = %SystemDrive%\Users\kariz\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = %SystemDrive%\Users\kariz\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Favorites = %SystemDrive%\Users\kariz\Favorites
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Music = %SystemDrive%\Users\kariz\Music
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Pictures = %SystemDrive%\Users\sdr\Pictures
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Video = %SystemDrive%\Users\kariz\Videos
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = %USERPROFILE%\sdr\Documents
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O15 - Trusted Zone: hxxps://istinye-files.sharepoint.com
O15 - Trusted Zone: hxxps://istinye-myfiles.sharepoint.com
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{40139a1f-ab62-4b87-866f-8480a6fe0598}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{40139a1f-ab62-4b87-866f-8480a6fe0598}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O22 - Task (.job): (Not scheduled) update-S-1-5-21-2537787356-1470784057-2014785980-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FxSound (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: \Microsoft\Office\Office Serviceability Manager - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe /checkin (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate (sign: 'Mozilla Corporation')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: Adobe-Genuine-Software-Integrity-Scheduler-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (sign: 'Adobe Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore{0390540C-2293-4009-82E6-E48DFB8E2F0A} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{8828C6F3-1ADE-4F4B-B0FB-AAB39AF9D57D} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')
O22 - Tasks: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Tasks: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30 (not signed - no company - 745559FF74A560957B438DBD3287D1054A76B68B)
O22 - Tasks: NitroSense - C:\Program Files\Acer\NitroSense Service\PSLauncher.exe (sign: 'Acer Incorporated')
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2537787356-1470784057-2014785980-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2537787356-1470784057-2014785980-1002 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2537787356-1470784057-2014785980-1004 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1701797133 - C:\Users\sdr\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\sdr\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: Opera GX scheduled Autoupdate 1701472847 - C:\Users\sdr\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: RNIdle Task - C:\Windows\System32\drivers\RivetNetworks\Killer\RNIdleTask.exe (sign: 'Intel Corporation')
O22 - Tasks: Software Update Application - C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (sign: 'Acer Incorporated')
O22 - Tasks: update-S-1-5-21-2537787356-1470784057-2014785980-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O23 - Service R2: GamePowerDeviceService - C:\Windows\system32\GamePowerDeviceService.exe (sign: 'Solid State System Co., Ltd')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_20.88.6001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_20.88.6001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Arc Control Service - (IntelArcControlService) - C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Audio Service - (IntelAudioService) - C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\\AS\\IAS\\IntelAudioService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f6ea1f36cd61d64f\IntelCpHDCPSvc.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_564a6f565b40bd5f\OneApp.IGCC.WinService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe (sign: 'Intel Corporation')
O23 - Service R2: Killer Analytics Service - C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (sign: 'Intel Corporation')
O23 - Service R2: Killer Network Service - C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (sign: 'Intel Corporation')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_52f3e1d0b5db2a3a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_52f3e1d0b5db2a3a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af528bf4464e0980\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (sign: 'Intel Corporation')
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_755bac9f4aed06d8\Intel_PIE_Service.exe (sign: 'Intel Corporation')
O23 - Service R3: Killer Dynamic Bandwidth Management - (KNDBWM) - C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe (sign: 'Intel Corporation')
O23 - Service R3: Predator Service - (PSSvc) - C:\Program Files\Acer\NitroSense Service\PSSvc.exe (sign: 'Acer Incorporated')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe (sign: 'Intel Corporation')
O23 - Service S2: Killer Provider Data Helper Service - C:\Windows\System32\drivers\Intel\Killer\KillerProviderDataHelperService.exe (file missing)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\24.055.0317.0002\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\123.0.6312.122\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe (sign: 'Intel Corporation')
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\Windows\System32\iaStorAfsService.exe (sign: 'Intel Corporation')
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (sign: 'Intel Corporation')
O23 - Service S3: Killer Smart AP Selection Service - (KAPSService) - C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe (sign: 'Intel Corporation')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\24.055.0317.0002\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: SteelSeries GG Update Service Proxy - (SteelSeriesGGUpdateServiceProxy) - C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe (sign: 'SteelSeries ApS')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R0: Intel(R) Chipset VMD RST Controller service - (iaStorVD) - C:\Windows\System32\drivers\iaStorVD.sys (sign: 'Intel Corporation')
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: IDMWFP - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw10) - C:\Windows\System32\drivers\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Acer Airplane Mode Controller - (AcerAirplaneModeController) - C:\Windows\System32\drivers\AcerAirplaneModeController.sys (sign: 'Acer Incorporated')
O23 - Driver R3: dptf_acpi - C:\Windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_58a6d4f6ac5608c6\dptf_acpi.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: dptf_cpu - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\dptf_cpu.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ELAN I2C Filter Driver - (ETDI2C) - C:\Windows\System32\drivers\ETDI2C.sys (sign: 'ELAN MICROELECTRONICS CORPORATION')
O23 - Driver R3: esif_lf - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_lf.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: igfxn - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f6ea1f36cd61d64f\igdkmdn64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) GNA Scoring Accelerator service - (IntelGNA) - C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys (sign: 'Gaussian Mixture Models and Neural Networks Accelerator')
O23 - Driver R3: Intel(R) Management Engine Interface  - (MEIx64) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_605dda426937489f\x64\TeeDriverW10x64.sys (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_TGL) - C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_42e0121b9785f90e\iaLPSS2_GPIO2_TGL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_TGL) - C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_70d4531ccdd0c3c2\iaLPSS2_I2C_TGL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO SPI Driver v2 - (iaLPSS2_SPI_TGL) - C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b9ae9f760b62c73a\iaLPSS2_SPI_TGL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO UART Driver v2 - (iaLPSS2_UART2_TGL) - C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_da87610cdf3862a4\iaLPSS2_UART2_TGL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_5fa64f3c11d5607c\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology BUS - (IntcAudioBus) - C:\Windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_a5bfc4a9cc7fdf5a\IntcAudioBus.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® Audio - (IntcBTAu) - C:\Windows\System32\DriverStore\FileRepository\intcbtau.inf_amd64_42d4c8c359e6d3fb\IntcBTAu.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for USB Audio - (IntcUSB) - C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_2cc98897d8dddf62\IntcUSB.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology OED - (IntcOED) - C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\IntcOED.sys (sign: 'Intel Corporation')
O23 - Driver R3: KfeCoSvc - C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Killer RT640 NT Driver - (e2kw10x64) - C:\Windows\System32\drivers\e2kw10x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_52f3e1d0b5db2a3a\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: NVPCF Service - (nvpcf) - C:\Windows\System32\drivers\nvpcf.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\Windows\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: SteelSeries Device Factory Service - (ssdevfactory) - C:\Windows\System32\drivers\ssdevfactory.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries HID Service - (sshid) - C:\Windows\System32\drivers\sshid.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries Sonar Driver - (SteelSeries_Sonar_VAD) - C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys (sign: 'SteelSeries ApS')
O23 - Driver R3: USB Audio Driver (GamePowerExt64) - (GamePowerExt) - C:\Windows\system32\drivers\GamePowerExt.sys (sign: 'Solid State System Co., Ltd')
O23 - Driver S1: GHAXM - (googlehaxm) - C:\Windows\system32\drivers\GoogleHaxm.sys (sign: 'Microsoft' - Intel  Corporation)
O23 - Driver S3: "Microsoft 1.1 UAA Function Driver for High Definition Audio Service" ; {PlaceHolder="UAA","High Definition Audio"} - (HdAudAddService) - C:\Windows\System32\drivers\HdAudio.sys (file missing)
O23 - Driver S3: BERT Reader Service - (bertreader) - C:\Windows\System32\drivers\bertreader.sys (sign: 'Intel Corporation')
O23 - Driver S3: Digital Power Station service - (digitalpower) - C:\Windows\system32\drivers\digitalpower.sys (file missing)
O23 - Driver S3: FxSound Audio Enhancer - (FXVAD) - C:\Windows\system32\drivers\fxvad.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver S3: iaStorAfs - C:\Windows\System32\drivers\iaStorAfs.sys (sign: 'Intel Corporation')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: semav6msr64 - C:\Windows\system32\drivers\semav6msr64.sys (file missing)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'e2kw10x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw10'
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\kariz


--
End of file - Time spent: 27,3 sec. - 78548 bytes, CRC32: FFFFFFFF. Sign: 鑎픬

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.122\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [BingSvc] = C:\Users\kariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe (file missing) (2024/01/25)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1C2530A867A57E54A284432F803834D2] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2024/01/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\sdr\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2024/01/25) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [utweb] = "C:\Users\kariz\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (file missing) (2024/01/25)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Windows\Temp\020fe1e0-650f-41af-ae03-85d8023448de.tmp -> DELETE
O7 - KnownFolder: C:\Users\sdr\Documents (folder missing)
O7 - KnownFolder: C:\Users\sdr\Links (folder missing)
O7 - KnownFolder: C:\Users\sdr\Searches (folder missing)
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = C:\Users\kariz\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4} = C:\Users\kariz\Saved Games
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {56784854-C6CB-462B-8169-88E350ACB882} = C:\Users\kariz\Contacts
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Desktop = C:\Users\kariz\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, Favorites = C:\Users\kariz\Favorites
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, My Music = C:\Users\kariz\Music
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, My Video = C:\Users\kariz\Videos
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = %SystemDrive%\Users\kariz\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = %SystemDrive%\Users\kariz\Desktop
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Favorites = %SystemDrive%\Users\kariz\Favorites
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Music = %SystemDrive%\Users\kariz\Music
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Pictures = %SystemDrive%\Users\sdr\Pictures
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Video = %SystemDrive%\Users\kariz\Videos
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = %USERPROFILE%\sdr\Documents
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FxSound (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [electron.app.BlueStacks Services] = C:\Users\ernes\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden (2023/10/15) (not signed - now.gg, Inc. - EE51CEB40195984D9227D40A3EA45AAB96E64910)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2022/04/07) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2022/10/26) (sign: 'GOG  sp. z o.o')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_8282BAA6D0285A9F061B646F3EC026B0] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2022/04/06) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [ut] = C:\Users\ernes\AppData\Roaming\utorrent\uTorrent.exe /MINIMIZED (2023/07/31) (sign: 'BitTorrent Inc')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ernes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk    ->    C:\Program Files\EqualizerAPO\config\Peace.exe (2023/06/11) (sign: 'Petrus Verbeek')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O5 - Applet: C:\WINDOWS\SysWOW64\PhysX.cpl (sign: 'NVIDIA Corporation')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{AEE18BB8-5FC1-4E99-9348-3D2EEB5EF6C5} - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O22 - Tasks: \HardDiskSentinel\Hard Disk Sentinel_ernes - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (not signed - H.D.S. Hungary - FEE46DACDD5B79F9245148064F72572A5D0E4887)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: Cloud - C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe (file missing)
O22 - Tasks: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D0DB933E593033450FC472BB12C1F569] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 (sign: 'Google LLC')
O4 - HKCU\..\Run: [iVCam] = C:\Program Files\e2eSoft\iVCam\iVCam.exe /silent (sign: 'Shanghai Yitu Information Technology Co., Ltd.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = "C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe" -silent (file missing) (2023/09/21)

O4 - HKCU\..\StartupApproved\Run: [Grammarly] = C:\Users\baris\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe (2024/03/06) (sign: 'Grammarly, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Iriun webcam] = C:\Program Files (x86)\Iriun Webcam\IriunWebcam.exe --tray (file missing) (2023/09/21)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_FD830F30C13845BAA7C817A33B95F6F1] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/04/29) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/04/29) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\baris\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2023/09/21) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Stable] = C:\Users\baris\AppData\Local\Programs\Opera GX\launcher.exe (2023/04/29) (sign: 'Opera Norway AS')
O4 - HKCU\..\StartupApproved\Run: [Opera Stable] = C:\Users\baris\AppData\Local\Programs\Opera\launcher.exe (2023/04/29) (sign: 'Opera Norway AS')
O4 - HKCU\..\StartupApproved\Run: [Snap Camera] = C:\Program Files\Snap Inc\Snap Camera\Snap Camera.exe --minimized-mode (2023/09/21) (invalid sign: TRUST_E_BAD_DIGEST - Snap Inc - A7109E2AB38BD69299E3F7E8C049C8085CD45618)
O4 - HKCU\..\StartupApproved\Run: [Windscribe] = C:\Program Files\Windscribe\Windscribe.exe -os_restart (2024/03/06) (sign: 'Windscribe Limited')
O4 - HKLM\..\RunOnce: [!BCILauncher] = C:\WINDOWS\Temp\MUBSTemp\BCILauncher.EXE bgaupmi=10A3982855E54DBC85C2604D9B843843 (sign: 'Microsoft')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\baris\AppData\Local\Temp\CoreSync.dll_TEMP -> DELETE
O4 - HKLM\..\StartupApproved\Run32: [LogMeIn Hamachi Ui] = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start (2024/03/06) (sign: 'LogMeIn, Inc.')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/09/21) (sign: 'Oracle America, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-729230903-1179647257-1835990525-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks_Migrated: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6337.0{93D00B26-F6CF-4363-8FCC-FF9A3EA3AC1A} - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6337.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (file missing)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-729230903-1179647257-1835990525-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')