Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17
Platform: x64 Windows 11 (Home), 10.0.26100.4061 (ReleaseId: 2009, 24H2), Service Pack: 0
Time: 29.05.2025 - 12:55 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 10,84 GiB Free / 16. Loading RAM (31 %), CPU (8 %)
Disk C: 123,83 GiB Free / 232 (SSD, GPT)
Elevated: Yes.
Ran by: ibrahim42 (group: Administrators; type: Microsoft) on IBRAHIM, FirstRun: yes.
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1 (Brave)
Boot mode: Normal (Secure Boot: On) (Code Integrity: On)
Running processes:
Number | Path.
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.92\msedgewebview2.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
4 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\LGHUB\lghub_agent.exe
1 C:\Program Files\LGHUB\lghub_updater.exe
1 C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Norton\Suite\afwServ.exe
1 C:\Program Files\Norton\Suite\aswEngSrv.exe
1 C:\Program Files\Norton\Suite\aswidsagent.exe
1 C:\Program Files\Norton\Suite\AvDump.exe
1 C:\Program Files\Norton\Suite\nllToolsSvc.exe
1 C:\Program Files\Norton\Suite\NortonSvc.exe
1 C:\Program Files\Norton\Suite\NortonUI.exe
1 C:\Program Files\Norton\Suite\wsc_proxy.exe
1 C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.9.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25042.85.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\SCP-DS-Driver-Package-1.2.0.160\ScpServer\bin\ScpService.exe
1 C:\TrafficMonitor_V1.85.1_x64\TrafficMonitor\TrafficMonitor.exe
6 C:\Users\ibrahim42\AppData\Local\Discord\app-1.0.9192\Discord.exe
1 C:\Users\ibrahim42\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\AudioDeviceService.exe
1 C:\Windows\System32\audiodg.exe
9 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\cmd.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
1 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\NgcIso.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\ShellHost.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4060_none_a55287a7772b57c2\TiWorker.exe
1 F:\TxGameAssistant\AppMarket\AppMarket.exe
3 F:\TxGameAssistant\AppMarket\cef_frame_render.exe
1 F:\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe
1 F:\TxGameAssistant\AppMarket\PcyybAssistant.exe
1 F:\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 F:\TxGameAssistant\AppMarket\wmpf_installer.exe
O1 - Hosts.ICS: 172.20.80.1 ibrahim.mshome.net # 2030 4 2 16 16 23 6 953.
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_441\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_441\bin\ssv.dll (sign: 'Oracle America, Inc.')
O4 - ActiveSetup: HKLM\..\{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}: [StubPath] = C:\Program Files\BraveSoftware\Brave-Browser\Application\136.1.78.102\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level (sign: 'Brave Software, Inc.')
O4 - HKCU\..\Run: [Discord] = C:\Users\ibrahim42\AppData\Local\Discord\Update.exe --processStart Discord.exe (sign: 'Discord Inc.')
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe --minimized (sign: 'Logitech Inc')
O4 - HKCU\..\Run: [Steam] = F:\Steam\steam.exe -silent (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing) (2025/03/02)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2025/03/03) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = F:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2025/03/06) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [Free Download Manager] = C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe --hidden (2025/05/28) (not signed - Softdeluxe - E59780B4F65D0B00D637B88C2362119A0FA499EE)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_F910AA0677ACBD9CC54F656E2635C116] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/03/02) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2025/03/02) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [PlanetVPN] = C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe (2025/05/29) (sign: 'FREE VPN PLANET S.R.L.')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = F:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2025/05/28) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\Run: [NortonUI.exe] = C:\Program Files\Norton\Suite\AvLaunch.exe /gui (sign: 'NortonLifeLock Inc.')
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2025/05/28) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe -background (2025/03/03) (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run32: [PWRISOVM.EXE] = C:\Program Files\PowerISO\PWRISOVM.EXE -startup (2025/03/24) (sign: 'Power Software Limited')
O4 - HKLM\..\StartupApproved\Run32: [Rampage Gaming Headset] = C:\Program Files (x86)\Rampage Gaming Headset\Rampage Gaming Headset.exe -boot (2025/05/28) (invalid sign - Solid State System - EFBA30679C6DA53381945959F052759605576614)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/03/09) (sign: 'Oracle America, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\G\shell\AutoRun\command: (default) = G:\Setup.exe (file missing)
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\mso-minsb.16: [CLSID] = {42089D2D-912D-4018-9087-2B87803E93FB} - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\mso-minsb-roaming.16: [CLSID] = {83C25742-A9F7-49FB-9138-434302C88D07} - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\osf.16: [CLSID] = {5504BE45-A83B-4808-900A-3A5C36E7F77A} - (no file)
O18 - HKLM\Software\Classes\Protocols\Handler\osf-roaming.16: [CLSID] = {42089D2D-912D-4018-9087-2B87803E93FB} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:/Program Files/Norton/Suite/ashShell.dll (sign: 'NortonLifeLock Inc.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton\Suite\ashShell.dll (sign: 'NortonLifeLock Inc.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Norton\Suite\x86\ashShell.dll (sign: 'NortonLifeLock Inc.')
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm - C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm Recurring - C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WindowsAI\Recall\InitialConfiguration - {709FD5EF-7296-4154-BD3A-E9830FCFA60A} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.0{AE8F768A-0219-4908-A971-FC047E1CDC5D} - C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exe --wake --system (file missing)
O22 - Tasks: \Microsoft\Office\Office Background Push Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe /pushregistration (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AccountHealth\RecoverabilityToastTask - {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492},-flow showtoast -checkup recoverability - C:\WINDOWS\system32\AccountHealth.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration - {0BE6820D-B667-4CB6-931B-C153A77DA895} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \Norton\Norton 360 Patcher - C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe /update:norton-suite /silent /only_patch (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton\Overseer - C:\Program Files\Common Files\Norton\Overseer\overseer.exe /from_scheduler:1 (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \Norton\Suite Emergency Update - C:\Program Files\Norton\Suite\AvEmUpdate.exe (sign: 'NortonLifeLock Inc.')
O22 - Tasks: \TrafficMonitor\Autorun for ibrahim42 - C:\TrafficMonitor_V1.85.1_x64\TrafficMonitor\TrafficMonitor.exe (not signed - By ZhongYang - A70599DA65C98EB45C5C6B0B501A8A4ECA2A6973)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices')
O22 - Tasks: BraveSoftwareUpdateTaskMachineCore{D3583C12-0EAF-403D-9BE1-B7F686F16739} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (sign: 'Brave Software, Inc.')
O22 - Tasks: BraveSoftwareUpdateTaskMachineUA{90301695-F50D-42AC-A646-099501656D3E} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (sign: 'Brave Software, Inc.')
O22 - Tasks: EOSv3 Scheduler onLogOn - C:\Users\ibrahim42\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (file missing)
O22 - Tasks: EOSv3 Scheduler onTime - C:\Users\ibrahim42\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (file missing)
O22 - Tasks: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 760691A51B651457E62586711008F9823B5AB125)
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks: npcapwatchdog - C:\Program Files\Npcap\CheckStatus.bat (not signed - no company - 40E20B9CDDE036E5078ABC2467E8783DFFFEC199)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-3484971039-3397963769-1461463754-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-3484971039-3397963769-1461463754-1002 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Startup Task-S-1-5-21-3484971039-3397963769-1461463754-1001 - C:\Program Files\Microsoft OneDrive\25.080.0427.0003\OneDriveLauncher.exe /startInstances (sign: 'Microsoft')
O22 - Tasks: OneDrive Startup Task-S-1-5-21-3484971039-3397963769-1461463754-1002 - C:\Program Files\Microsoft OneDrive\25.080.0427.0003\OneDriveLauncher.exe /startInstances (sign: 'Microsoft')
O22 - Tasks: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe --disable-gpu-sandbox /AUTOHIDE (sign: 'Samsung Electronics Co., Ltd.')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: updater - C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe (file missing)
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: AudioDeviceService - C:\WINDOWS\system32\AudioDeviceService.exe (sign: 'Solid State System Co., Ltd.')
O23 - Service R2: CMigrationService - C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe (sign: 'Samsung Electronics Co., Ltd.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (sign: 'Intel Corporation')
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service (sign: 'Logitech Inc')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Malwarebytes Inc') (+safe mode)
O23 - Service R2: Norton Antivirus - C:\Program Files\Norton\Suite\NortonSvc.exe /runassvc (sign: 'NortonLifeLock Inc.')
O23 - Service R2: Norton Firewall Service - (Norton Firewall) - C:\Program Files\Norton\Suite\afwServ.exe (sign: 'NortonLifeLock Inc.')
O23 - Service R2: Norton Tools - C:\Program Files\Norton\Suite\nllToolsSvc.exe /runassvc (sign: 'NortonLifeLock Inc.')
O23 - Service R2: nortonAvDumper64 - C:\Program Files\Norton\Suite\AvDump.exe /runassvc (sign: 'NortonLifeLock Inc.')
O23 - Service R2: NortonWscReporter - C:\Program Files\Norton\Suite\wsc_proxy.exe /runassvc /rpcserver (sign: 'NortonLifeLock Inc.')
O23 - Service R2: QMEmulatorService - F:\TxGameAssistant\AppMarket\QMEmulatorService.exe (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: SamsungMagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe (sign: 'Samsung Electronics Co., Ltd.')
O23 - Service R2: SCP DS3 Service - (Ds3Service) - C:\SCP-DS-Driver-Package-1.2.0.160\ScpServer\bin\ScpService.exe (not signed - Scarlet.Crush Productions - 0C7C83206BB8249B23C9D68088F41B234A5DC4B1)
O23 - Service R3: nllbIDSAgent - C:\Program Files\Norton\Suite\aswidsagent.exe (sign: 'NortonLifeLock Inc.')
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc (sign: 'Brave Software, Inc.')
O23 - Service S2: GlassWire Control Service - (GlassWire) - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (file missing)
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService138.0.7156.0) - (GoogleUpdaterInternalService138.0.7156.0) - C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exe --system --windows-service --service=update-internal (file missing)
O23 - Service S2: Intel(R) Platform License Manager Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe (sign: 'Intel Corporation')
O23 - Service S2: RAV VPN Service - (rsVPNSvc) - C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe (file missing)
O23 - Service S2: Reason Security DNS Client Service - (rsDNSClientSvc) - C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe Files\ReasonLabs\DNS\rsDNSClientSvc.exe (file missing)
O23 - Service S2: Reason Security VPN Client Service - (rsVPNClientSvc) - C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe Files\ReasonLabs\VPN\rsVPNClientSvc.exe (file missing)
O23 - Service S2: Safer Web DNS Resolver - (rsDNSResolver) - C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe (file missing)
O23 - Service S2: Safer Web Service - (rsDNSSvc) - C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe (file missing)
O23 - Service S3: AppShell Elevation Service (AppShellElevationService) - (AppShellElevationService) - C:\Program Files\TikTok LIVE Studio\0.84.4\elevation_service.exe (sign: 'TikTok Pte. Ltd.')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\136.1.78.102\elevation_service.exe (sign: 'Brave Software, Inc.')
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc (sign: 'Brave Software, Inc.')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Epic Games Updater - (EpicGamesUpdater) - F:\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe (sign: 'Epic Games Inc.')
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\25.080.0427.0003\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: MBVpnTunnelService - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe (sign: 'Malwarebytes Inc.')
O23 - Service S3: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\25.080.0427.0003\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: updater - C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe /runservice (file missing)
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe (sign: 'KRAFTON, Inc.')
O23 - Driver R: PowerISO Virtual Drive - C:\WINDOWS\System32\Drivers\SCDEmu.SYS (sign: 'Power Software Limited')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: nllArDisk - C:\WINDOWS\system32\drivers\nllArDisk.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: nllbidsh - C:\WINDOWS\system32\drivers\nllbidsh.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: nllbuniv - C:\WINDOWS\system32\drivers\nllbuniv.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: nllRvrt - C:\WINDOWS\system32\drivers\nllRvrt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: nllVmm - C:\WINDOWS\system32\drivers\nllVmm.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: GlassWire Generic Driver - (gwdrv) - C:\WINDOWS\System32\drivers\gwdrv.sys (+safe mode) (sign: 'Microsoft' - Domotz Inc)
O23 - Driver R1: Malwarebytes Anti-Exploit - (ESProtectionDriver) - C:\WINDOWS\system32\drivers\mbae64.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R1: nllArPot - C:\WINDOWS\system32\drivers\nllArPot.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllbidsdriver - C:\WINDOWS\system32\drivers\nllbidsdriver.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllKbd - C:\WINDOWS\system32\drivers\nllKbd.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllMonFlt - C:\WINDOWS\system32\drivers\nllMonFlt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllNetHub - C:\WINDOWS\system32\drivers\nllNetHub.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllRdr - C:\WINDOWS\system32\drivers\nllRdr2.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllSnx - C:\WINDOWS\system32\drivers\nllSnx.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: nllSP - C:\WINDOWS\system32\drivers\nllSP.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: Nox Limited Service - (YSDrv) - C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys (sign: 'Microsoft' - Nox Limited Corporation)
O23 - Driver R1: Npcap Packet Driver (NPCAP) - (npcap) - C:\WINDOWS\system32\DRIVERS\npcap.sys (+safe mode) (sign: 'Microsoft' - Insecure.Com LLC.)
O23 - Driver R1: TBox Support Driver - (TBoxDrv) - C:\Program Files\AndroidTbox\TBoxDrv.sys (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver R2: aow_drv - F:\TxGameAssistant\UI\3.21.5341.80\aow_drv_x64_ev.sys (sign: 'Tencent Technology (Shenzhen) Company Limited')
O23 - Driver R2: Ld9BoxSup - C:\Program Files\ldplayer9box\Ld9BoxSup.sys (sign: 'Shanghai Chang Zhi Network Technology Co,. Ltd.')
O23 - Driver R2: MBAMChameleon - (mbamchameleon) - C:\WINDOWS\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_5bf3de4243c61001\AtihdWT6.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: amdwddmg - C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_6b6e8cc42a3d1f09\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Logitech G HUB Translation Layer Driver - (logi_joy_xlcore) - C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual Bus Enumerator Driver - (logi_joy_bus_enum) - C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual HID Device Driver - (logi_joy_vir_hid) - C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys (sign: 'Logitech Inc')
O23 - Driver R3: MBAMFarflt - C:\WINDOWS\System32\Drivers\farflt11.sys (sign: 'Malwarebytes Inc')
O23 - Driver R3: MBAMProtection - C:\WINDOWS\System32\Drivers\mbam.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMSwissArmy - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMWebProtection - C:\WINDOWS\system32\DRIVERS\mwac.sys (sign: 'Malwarebytes Inc')
O23 - Driver R3: nllStm - C:\WINDOWS\system32\drivers\nllStm.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_2708e69601f40462\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Scp Virtual Bus Driver - (ScpVBus) - C:\WINDOWS\System32\drivers\ScpVBus.sys (sign: 'Bruce James')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: TAP-Windows Adapter V9 - (tap0901) - C:\WINDOWS\System32\drivers\tap0901.sys (+safe mode) (not signed - The OpenVPN Project - DAEBE266073616E5FC931C319470FCF42A06867A)
O23 - Driver R3: UAExt - C:\WINDOWS\System32\DRIVERS\UAExt.sys (sign: 'Solid State System Co., Ltd.')
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\WINDOWS\System32\drivers\BthA2dp.sys (not signed - Microsoft Corporation - CF741BA3AF83110B20AB03AB65A668E2E2D15D6F)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\WINDOWS\System32\drivers\bthhfenum.sys (not signed - Microsoft Corporation - E8EE10F8D8904DA747E71CADF9A414196896F488)
O23 - Driver S3: EAAntiCheat - C:\WINDOWS\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Revoflt - C:\WINDOWS\system32\DRIVERS\revoflt.sys (sign: 'Microsoft' - VS Revo Group)
O23 - Driver S3: rsDwf - C:\WINDOWS\system32\DRIVERS\rsDwf.sys (sign: 'Reason CyberSecurity Inc.')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: UniFairy_x64 - C:\WINDOWS\system32\drivers\UniFairy_x64.sys (sign: 'Tencent Technology (Shenzhen) Company Limited')
O23 - Driver S3: unirsdt - C:\WINDOWS\system32\drivers\unirsdt.sys (sign: 'Tencent Technology (Shenzhen) Company Limited')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'gwdrv'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'nllNetHub'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'nllStm'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'npcap'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'tap0901'.
O26 - Office Addin: HKLM\..\MicrosoftDataStreamerforExcel - (regfile) -> C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto (not signed - no company - A9DA61511D2073E5B80ED742394B35C61D96DE3A)
O26-32 - Office Addin: HKLM\..\UCAddin.UCAddin.1 - (regfile) -> (no file)
--
End of file - Time spent: 19,7 sec. - 77430 bytes, CRC32: FFFFFFFF. Sign: 啥羚
