Rehber HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis+ (Plus) build 2024-03-24 Alpha v.3.4.0.8

Platform:  x64 Windows 11 (Pro), 10.0.26120.1843 (ReleaseId: 2009, 24H2), Service Pack: 0
Time:      22.09.2024 - 17:22 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    26055 MiB Free. Loading RAM (22 %), CPU (3 %)
Elevated:  Yes
Ran by:    ernes    (group: Administrators; type: Microsoft) on YAVINASPC1, FirstRun: no

Chrome:  128.0.6613.138
Internet Explorer: 11.0.26100.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Ant Download Manager\antCH\antCH.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
  14  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.79\msedgewebview2.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
   1  C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
   1  C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
   1  C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
  10  C:\Program Files\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_23.92.22001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_23.92.22001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.5.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.26100.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Users\ernes\Desktop\HIJACKTHIS\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\cmd.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   4  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_35de80a96fb96d11\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\NgcIso.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\ShellHost.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  87  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\vmcompute.exe
   1  C:\Windows\System32\vmms.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   3  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
   1  vmmemCmZygote

O1 - Hosts.ICS: 172.23.128.1 yavinaspc1.mshome.net # 2029 9 5 21 14 7 20 41
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - ActiveSetup: HKLM\..\{9459C573-B17A-45AE-9F64-1857B5D58CEE}: [StubPath] = C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.52\Installer\setup.exe --configure-user-settings --verbose-logging --system-level --msedge --channel=beta (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (2024/07/05) (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2024/04/20) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2024/06/13) (sign: 'GOG  sp. z o.o')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_8282BAA6D0285A9F061B646F3EC026B0] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2024/04/20) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/04/07) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_35de80a96fb96d11\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [Nearby Share] = C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe --delayed_start --mode=system-tray (2024/09/21) (sign: 'Google LLC')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \Google\Quick Share Relaunch - C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe --mode=system-tray --relaunch_if_crashed (sign: 'Google LLC')
O22 - Tasks: \Google\Quick Share Update Shortcuts - C:\Program Files\Google\NearbyShare\nearby_config.exe --update_shortcut (sign: 'Google LLC')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{B3778E46-B4E7-40F0-9D93-8968ADB40360} - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \HardDiskSentinel\Hard Disk Sentinel_ernes - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (file missing)
O22 - Tasks: \Microsoft\Windows\Containers\CmCleanup - {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} - C:\WINDOWS\System32\cmcleanup.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Setup\SnapshotCleanupTask - C:\Windows\System32\OOBE\SetupPlatform\SetupPlatform.exe -removesnapshot (file missing)
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Floorp Default Browser Agent 22EB8429C9C8096C - C:\Program Files\Ablaze Floorp\default-browser-agent.exe do-task "22EB8429C9C8096C" (not signed - Mozilla Foundation - 2377E69F8AB266A889FF8130C39ABF79714BAAA1)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'Kaspersky Lab JSC')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (file missing)
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks_Migrated: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{0D9DF195-AC8B-4CC8-BC1F-B2455D7F76D3} - C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe --wake --system (file missing)
O22 - Tasks_Migrated: \HardDiskSentinel\Hard Disk Sentinel_ernes - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Setup\SnapshotCleanupTask - C:\Windows\System32\OOBE\SetupPlatform\SetupPlatform.exe -removesnapshot (file missing)
O22 - Tasks_Migrated: \Mozilla\Floorp Default Browser Agent 22EB8429C9C8096C - C:\Program Files\Ablaze Floorp\default-browser-agent.exe do-task "22EB8429C9C8096C" (not signed - Mozilla Foundation - 2377E69F8AB266A889FF8130C39ABF79714BAAA1)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks_Migrated: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'Kaspersky Lab JSC')
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (file missing)
O22 - Tasks_Migrated: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_23.92.22001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_23.92.22001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: LightKeeperService - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Center Service - (MSI_Center_Service) - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Voice Control Service - (MSI_VoiceControl_Service) - C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Case_Service - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Companion_Service - C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Super_Charger_Service - C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Mystic_Light_Service - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_35de80a96fb96d11\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater InternalService 130.0.6679.0 (GoogleUpdaterInternalService130.0.6679.0) - (GoogleUpdaterInternalService130.0.6679.0) - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 130.0.6679.0 (GoogleUpdaterService130.0.6679.0) - (GoogleUpdaterService130.0.6679.0) - C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe (sign: 'GOG  sp. z o.o')
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (sign: 'GOG  sp. z o.o')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\128.0.6613.138\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe (sign: 'Kaspersky Lab JSC')
O23 - Service S3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.3.0\ProtonVPNService.exe (sign: 'Proton AG')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\WINDOWS\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_arkmon - C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_klbg - C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: CTIIO - C:\WINDOWS\system32\drivers\CtiIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\WINDOWS\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver - (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver - (klpd) - C:\WINDOWS\system32\DRIVERS\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL - (klflt) - C:\WINDOWS\system32\DRIVERS\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk - (klbackupdisk) - C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt - (klbackupflt) - C:\WINDOWS\system32\DRIVERS\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt - (klpnpflt) - C:\WINDOWS\system32\DRIVERS\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver - (klgse) - C:\WINDOWS\system32\DRIVERS\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver - (klhk) - C:\WINDOWS\system32\DRIVERS\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk - C:\WINDOWS\system32\DRIVERS\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp - C:\WINDOWS\system32\DRIVERS\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: KLwtp - WFP callout traffic inspector - (klwtp) - C:\WINDOWS\system32\DRIVERS\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps - C:\WINDOWS\system32\DRIVERS\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R2: AMDRyzenMasterDriverV20 - C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV22 - C:\WINDOWS\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: BlueStacks Hypervisor_nxt - (BlueStacksDrv_nxt) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys (sign: 'Microsoft' - Bluestack System Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw14) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_5433b0cac0a04d0e\Netwtw14.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_4ad1437aef138551\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: amduw23g - C:\WINDOWS\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\amdkmdag.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_902088c6f0a6df9a\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLKBDFLT - (klkbdflt) - C:\WINDOWS\system32\DRIVERS\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky Lab KLMOUFLT - (klmouflt) - C:\WINDOWS\system32\DRIVERS\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids - C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_klark - C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_mark - C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: NTIOLib_CC_Clock - C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_COMM - C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_CPU - C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: TAP-ProtonVPN Windows Adapter V9 - (tapprotonvpn) - C:\WINDOWS\System32\drivers\tapprotonvpn.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S2: AMDRyzenMasterDriverV26 - C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver S3: gdrv3 - C:\WINDOWS\system32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: ProtonVPNCallout - C:\Program Files\Proton\VPN\v3.3.0\Resources\ProtonVPN.CalloutDriver.sys (+safe mode) (sign: 'Proton AG')
O23 - Driver S3: R0FanControl - C:\Users\ernes\Desktop\FanControl_1\FanControl.sys (sign: 'Noriyuki MIYAZAKI')
O23 - Driver S3: WinRing0_1_2_0 - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MODAPI.sys (sign: 'Noriyuki MIYAZAKI')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw14'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPN Service'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'ProtonVPNCallout'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'tapprotonvpn'


--
End of file - Time spent: 6 sec. - 74160 bytes, CRC32: FFFFFFFF. Sign: 쵎欔

O22 - Tasks_Migrated: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Setup\SnapshotCleanupTask - C:\Windows\System32\OOBE\SetupPlatform\SetupPlatform.exe -removesnapshot (file missing)
O22 - Tasks_Migrated: \Mozilla\Floorp Default Browser Agent 22EB8429C9C8096C - C:\Program Files\Ablaze Floorp\default-browser-agent.exe do-task "22EB8429C9C8096C" (not signed - Mozilla Foundation - 2377E69F8AB266A889FF8130C39ABF79714BAAA1)

Logfile of HiJackThis+ (Plus) build 2024-10-15 Alpha v.3.4.0.11

Platform: x64 Windows 10 (Home), 10.0.19045.4894 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 24.10.2024 - 00:23 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 10871 MiB Free. Loading RAM (34 %), CPU (92 %)
Elevated: Yes.
Ran by: gener (group: Administrators; type: Microsoft) on DESKTOP-5MMH4LA, FirstRun: yes.

Chrome: 130.0.6723.59
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path.
 3 C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
 1 C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
 1 C:\Program Files\Epic Games\Borderlands3\Borderlands3.exe
 1 C:\Program Files\Epic Games\Borderlands3\OakGame\Binaries\Win64\Borderlands3.exe
 32 C:\Program Files\Google\Chrome\Application\chrome.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
 3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 1 C:\Users\gener.DESKTOP-5MMH4LA\Downloads\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\CompPkgSrv.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\dasHost.exe
 1 C:\Windows\System32\dllhost.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_145b4bd9a54f8690\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\MoUsoCoreWorker.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 4 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 73 C:\Windows\System32\svchost.exe
 1 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\Taskmgr.exe
 1 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\System32\WUDFHost.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\130.0.6723.59\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [Discord] = D:\Discord\Update.exe --processStart Discord.exe (2024/10/23) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2024/02/18) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2024/02/18) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_078848C872E0FDB87E5E545FF74B8F47] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/02/14) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = D:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2024/02/11) (sign: 'Riot Games, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/02/11) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (sign: 'Riot Games, Inc.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\RunOnce: [msedge_cleanup_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}] = C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.46\Installer\setup.exe --msedge --channel=stable --delete-old-versions --system-level --verbose-logging --on-logon (sign: 'Microsoft')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Temp\_iu14D2R.tmp -> DELETE.
O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2024/03/15) (sign: 'Adobe Inc.')
O4 - HKLM\..\StartupApproved\Run32: [Discord] = C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall (2024/04/26) (sign: 'Discord Inc.')
O4 - HKLM\..\StartupApproved\Run32: [MicrosoftEdgeAutoLaunch_078848C872E0FDB87E5E545FF74B8F47] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/09/10) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [Opera GX Browser Assistant] = C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2024/09/10) (sign: 'Opera Software AS')
O4-32 - HKLM\..\Run: [GammingApp] = C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe --min (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (sign: 'Kilonova LLC')
O5 - HKCU\Control Panel\don't load: [RTSnMg64.cpl] (file missing)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O7 - Policy: HKCU\..\Windows\Explorer: [DisableSearchBoxSuggestions] = 1
O7 - Policy: HKLM\..\Windows\Explorer: [DisableSearchBoxSuggestions] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{28c25cd4-1f9d-40d4-bd95-c2b7ee558ac9}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{28c25cd4-1f9d-40d4-bd95-c2b7ee558ac9}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f0723f0f-4176-4cda-851b-45c9dd074180}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{f0723f0f-4176-4cda-851b-45c9dd074180}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll (sign: 'Adobe Inc.')
O22 - Task (.job): (Not scheduled) update-S-1-5-21-3075894536-1912265950-2290956415-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) OneDrive Reporting Task-S-1-5-21-3075894536-1912265950-2290956415-1001 - C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{894BDA14-855D-4D58-8D2E-2434A3D3ADFA} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (file missing)
O22 - Tasks: console_zero - C:\Windows\System32\console_zero.exe (not signed - no company - EFE9D7916F373237D09F22B9988B925C0B79D4B5)
O22 - Tasks: Driver Booster SkipUAC (gener) - C:\Program Files (x86)\IObit\Driver Booster\11.6.0\DriverBooster.exe /skipuac (file missing)
O22 - Tasks: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\11.6.0\AutoUpdate.exe /auto (file missing)
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (file missing)
O22 - Tasks: MSIGH_Host - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe --normal (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: MSISW_Host - C:\WINDOWS\SysWOW64\muachost.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1708616421 - C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: Opera GX scheduled Autoupdate 1707672608 - C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: update-S-1-5-21-3075894536-1912265950-2290956415-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Malwarebytes Inc.') (+safe mode)
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_145b4bd9a54f8690\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_145b4bd9a54f8690\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA app\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: x887827 - C:\Windows\System32\svchost.exe -k DcomLaunch; "ServiceDll" = C:\Windows\System32\x887827.dat (not signed - no company - C5C01B60F4B8B7B37A91CFE0C413D05AE22AC945)
O23 - Service R2: x922515 - C:\Windows\System32\svchost.exe -k DcomLaunch; "ServiceDll" = C:\Windows\System32\x922515.dat (not signed - no company - C5C01B60F4B8B7B37A91CFE0C413D05AE22AC945)
O23 - Service S2: GamingApp_Service - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S2: MSI Gaming Hotkey Service - (GamingHotkey_Service) - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service S2: MSI_ActiveX_Service - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service S2: SecuROM User Access Service (V7) - (UserAccess7) - C:\WINDOWS\system32\UAService7.exe (file missing)
O23 - Service S3: AntiCheatExpert Protection - C:\Program Files\AntiCheatExpert\ACE-Service64.exe -autorun (sign: 'ACEVILLE PTE LTD')
O23 - Service S3: AntiCheatExpert Service - C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe -autorun (sign: 'ACEVILLE PTE LTD')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.59\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: MBVpnTunnelService - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe (sign: 'Malwarebytes Inc.')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R1: NNSDNS - C:\WINDOWS\system32\DRIVERS\NNSDNS.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSHTTP - C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSHTTPS - C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSIDS - C:\WINDOWS\system32\DRIVERS\NNSIDS.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSNHWFP - C:\WINDOWS\system32\DRIVERS\NNSNHWFP.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSPICC - C:\WINDOWS\system32\DRIVERS\NNSPICC.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSPOP3 - C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSPROT - C:\WINDOWS\system32\DRIVERS\NNSPROT.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSPRV - C:\WINDOWS\system32\DRIVERS\NNSPRV.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSSMTP - C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: NNSSTRM - C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: PSINKNC - C:\WINDOWS\system32\DRIVERS\PSINKNC.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV26 - C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys (file missing)
O23 - Driver R2: MBAMChameleon - (mbamchameleon) - C:\WINDOWS\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R2: PSINAflt - C:\WINDOWS\system32\DRIVERS\PSINAflt.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R2: PSINFile - C:\WINDOWS\system32\DRIVERS\PSINFile.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R2: PSINProc - C:\WINDOWS\system32\DRIVERS\PSINProc.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R2: PSINProt - C:\WINDOWS\system32\DRIVERS\PSINProt.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R2: PSINReg - C:\WINDOWS\system32\DRIVERS\PSINReg.sys (sign: 'WatchGuard Technologies, Inc.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AnchorFree TAP-Windows Adapter V9 - (aftap0901) - C:\WINDOWS\System32\drivers\aftap0901.sys (+safe mode) (sign: 'AnchorFree Inc')
O23 - Driver R3: I2cHkBurn - C:\WINDOWS\system32\drivers\I2cHkBurn.sys (sign: 'Feature Integration Technology')
O23 - Driver R3: MBAMSwissArmy - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MSI Gaming Mouse - (MSI_MOUSE) - C:\WINDOWS\system32\drivers\MSI_MOUSE.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\WINDOWS\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_145b4bd9a54f8690\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: @oem25.inf,%IntcAudioBus.SVCDESC%;Intel(R) Smart Sound Technology Veri Yolu - (IntcAudioBus) - C:\WINDOWS\System32\drivers\IntcAudioBus.sys (sign: 'Smart Sound Technology')
O23 - Driver S3: @oem44.inf,%IntcOED.SVCDESC%;Intel(R) Smart Sound Technology OED - (IntcOED) - C:\WINDOWS\System32\drivers\IntcOED.sys (sign: 'Smart Sound Technology')
O23 - Driver S3: ACE-BASE - C:\WINDOWS\system32\drivers\ACE-BASE.sys (sign: 'Microsoft' - ANTICHEATEXPERT.COM)
O23 - Driver S3: ACE-SSC-DRV64 - C:\Program Files\AntiCheatExpert\SGuard\x64\plugins\ACE-SSC-DRV64.sys (sign: 'Microsoft' - ANTICHEATEXPERT.COM)
O23 - Driver S3: cpuz154 - C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys (file missing)
O23 - Driver S3: EasyAntiCheatSys - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys (sign: 'EasyAntiCheat Oy')
O23 - Driver S3: gdrv3 - C:\WINDOWS\System32\drivers\gdrv3.sys (sign: 'GIGA-BYTE Technology Co., Ltd.')
O23 - Driver S3: NEProtect - C:\Program Files (x86)\Steam\steamapps\common\Once Human\NEProtect.sys (file missing)
O23 - Driver S3: NVIDIA USB Type-C PPC Service - (UcmCxUcsiNvppc) - C:\WINDOWS\System32\DriverStore\FileRepository\nvppc.inf_amd64_dff9c5601205b03c\UcmCxUcsiNvppc.sys (sign: 'NVIDIA Corporation')
O23 - Driver S3: PSKMAD - C:\WINDOWS\System32\DRIVERS\PSKMAD.sys (sign: 'Microsoft' - Panda Security, S.L.U.)
O23 - Driver S3: RevoProcessDetector - C:\WINDOWS\system32\DRIVERS\RevoProcessDetector.sys (sign: 'Microsoft' - VS Revo Group)
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\System32\drivers\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB QCRMNET Filter Driver - (ssudqcfilter) - C:\WINDOWS\System32\drivers\ssudqcfilter.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: VB-Audio Voicemeeter VAIO (WDM) - (VBVoicemeeterVAIOMME) - C:\WINDOWS\System32\DriverStore\FileRepository\vbvoicemeetervaio64_win10.inf_amd64_c2bd37de84fa6e4f\vbvoicemeetervaio64_win10.sys (file missing)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'aftap0901'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'.

--
End of file - Time spent: 153,2 sec. - 45020 bytes, CRC32: FFFFFFFF. Sign: ᰍ⹇

Logfile of HiJackThis+ (Plus) build 2024-10-15 Alpha v.3.4.0.11

Platform:  x64 Windows 11 (Pro), 10.0.22631.4391 (ReleaseId: 2009, 23H2), Service Pack: 0
Time:      26.10.2024 - 21:52 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    11535 MiB Free. Loading RAM (30 %), CPU (2 %)
Elevated:  Yes
Ran by:    nihat    (group: Administrators; type: Microsoft) on NIHAT-DESKTOP, FirstRun: no

Chrome:  130.0.6723.70
Internet Explorer: 11.0.22621.3527
Default: "C:\Users\nihat\AppData\Local\Programs\Opera GX\opera.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe
   1  C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
   1  C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
   3  C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
   1  C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekag20nt.exe
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   7  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
   1  C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
   1  C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
   1  C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
   1  C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
   2  C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
   1  C:\Program Files\Avast Software\Avast\afwServ.exe
   1  C:\Program Files\Avast Software\Avast\aswEngSrv.exe
   1  C:\Program Files\Avast Software\Avast\aswidsagent.exe
   1  C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
   1  C:\Program Files\Avast Software\Avast\AvastSvc.exe
   4  C:\Program Files\Avast Software\Avast\AvastUI.exe
   1  C:\Program Files\Avast Software\Avast\wsc_proxy.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.24900.130.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
   1  C:\Users\nihat\Downloads\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\audiodg.exe
   9  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   2  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\DataExchangeHost.exe
   2  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_0570478011758f12\Intel_PIE_Service.exe
   1  C:\Windows\System32\DTS\HP\APO4x\DtsHPXV2Apo4Service.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   2  C:\Windows\System32\GameInputSvc.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\rundll32.exe
   3  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  87  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\130.0.6723.70\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\nihat\AppData\Local\Discord\Update.exe --processStart Discord.exe (2023/06/16) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2023/06/19) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_9CFB52F5A045619DE496E56C9A0EEA90] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/06/26) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\nihat\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2023/06/30) (sign: 'Opera Software AS')
O4 - HKCU\..\StartupApproved\Run: [Opera GX Stable] = C:\Users\nihat\AppData\Local\Programs\Opera GX\opera.exe (2023/06/16) (sign: 'Opera Norway AS')
O4 - HKCU\..\StartupApproved\Run: [org.whispersystems.signal-desktop] = C:\Users\nihat\AppData\Local\Programs\signal-desktop\Signal.exe --start-in-tray (file missing) (2024/10/26)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2024/10/26) (sign: 'Overwolf Ltd')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2023/06/16) (sign: 'Riot Games, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/06/16) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (2023/06/19) (sign: 'Razer USA Ltd.')
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui (sign: 'Avast Software s.r.o.')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\nihat\AppData\Local\Temp\~nsu.tmp -> DELETE (file missing)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2024/10/26) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\StartupApproved\Run: [RZSurroundHelper] = C:\Windows\system32\RZSurroundHelper.exe (file missing) (2023/06/16)
O4 - HKLM\..\StartupApproved\Run32: [RazerCortex] = C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun (2024/10/26) (sign: 'Razer USA Ltd.')
O4 - HKU\S-1-5-18\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'LocalSystem') (sign: 'Razer USA Ltd.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [amd_dc_opt] = C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (not signed - AMD - CA50EA8E8CD7D666939D2C229920E2E967797E02)
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\ashShell.dll (sign: 'Avast Software s.r.o.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Avast Software\Avast\x86\ashShell.dll (sign: 'Avast Software s.r.o.')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - BITS Job: (download) {4ABED0B9-F2F3-41E3-9ED3-5BB336BAB048} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/hfnkpimlhhgieaddgfemjhofmfblmnib/ae1724ca32cba45f7b26e74abfaf4bb6c096f0fa4a363d5bac5c1f5ecc9c655f -> C:\Users\nihat\AppData\Local\Temp\chrome_BITS_23928_203338541\ae1724ca32cba45f7b26e74abfaf4bb6c096f0fa4a363d5bac5c1f5ecc9c655f
O22 - BITS Job: (download) {4F974082-F562-4401-BB36-9F1169701644} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/niikhdgajlphfehepabhhblakbdgeefj/fd918746aa9e479575b7925149ca4f6bd6f09150692dc44ccfdb735abb902f5b -> C:\Users\nihat\AppData\Local\Temp\chrome_BITS_22736_616835537\fd918746aa9e479575b7925149ca4f6bd6f09150692dc44ccfdb735abb902f5b
O22 - BITS Job: (download) {709BD94A-115F-4134-8F2F-EAD5C4A1E286} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/lmelglejhemejginpboagddgdfbepgmp/df5098c839213f59973456e74f78595a954dd79c4a66904023fa62200f260eae -> C:\Users\nihat\AppData\Local\Temp\chrome_BITS_16896_541566767\df5098c839213f59973456e74f78595a954dd79c4a66904023fa62200f260eae
O22 - BITS Job: (download) {DABAFECE-419B-4147-854C-0DDDEF02AE99} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/gcmjkmgdlgnkkcocmoeiminaijmmjnii/1.b48b30af5ce18c96128bfff9d2755c7932a1f32adc66f68322f7dd505db9626f/1.3651711652892acf34795b2c7e4d401ed2274c20e952f65cf52deeeef5bbf9b5/44878846f0fa5b38add937ea388209ca7d5ccbbe383a1f0b84eff28544bec391 -> C:\Users\nihat\AppData\Local\Temp\chrome_BITS_17456_982966841\44878846f0fa5b38add937ea388209ca7d5ccbbe383a1f0b84eff28544bec391
O22 - BITS Job: Fix all (including legit)
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: \ASUS\Armoury Crate Service Task_CountDown - C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe (file missing)
O22 - Tasks: \ASUS\NoiseCancelingEngine - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (file missing)
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \Avast Software\Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (sign: 'Avast Software s.r.o.')
O22 - Tasks: \Avast Software\AvastAntiTrackPremiumStart - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe -minimizedBoot (sign: 'Avast Software s.r.o.')
O22 - Tasks: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (sign: 'Avast Software s.r.o.')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{3B91E372-314B-42D3-98FE-B52207E0D166} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1703078104 - C:\Users\nihat\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nihat\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: Opera GX scheduled Autoupdate 1701971429 - C:\Users\nihat\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (sign: 'Overwolf Ltd')
O22 - Tasks: RazerCortexScheduleClean - C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -schtask-1 (sign: 'Razer USA Ltd.')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks_Migrated: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{D8F06B29-13F4-4E5B-985D-5B1B5A929DBD} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{E97E7B57-F3C8-4928-8621-ACFC1FE3D5E4} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks_Migrated: McUpdaterModuleTask - C:\Program Files (x86)\McAfee Security Scan\4.1.471\McUpdaterModule.exe (file missing)
O22 - Tasks_Migrated: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: Opera GX scheduled assistant Autoupdate 1703078104 - C:\Users\nihat\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nihat\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks_Migrated: Opera GX scheduled Autoupdate 1701971429 - C:\Users\nihat\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks_Migrated: SecurityScannerScheduler - C:\Program Files (x86)\McAfee Security Scan\4.1.471\SSScheduler.exe (file missing)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: Asus Certificate Service - (AsusCertService) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.32\atkexComSvc.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Avast AntiTrack Service - (AvastAntiTrackSvc) - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe (sign: 'Avast Software s.r.o.')
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc (sign: 'Avast Software s.r.o.')
O23 - Service R2: Avast Firewall Service - (avast! Firewall) - C:\Program Files\Avast Software\Avast\afwServ.exe (sign: 'Avast Software s.r.o.')
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc (sign: 'Avast Software s.r.o.')
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver (sign: 'Avast Software s.r.o.')
O23 - Service R2: CortexLauncherService - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: DtsHPXV2Apo4Service - C:\WINDOWS\System32\DTS\HP\APO4x\DtsHPXV2Apo4Service.exe (sign: 'HP Inc.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma Stream Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Game Manager Service 3 - C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (sign: 'Razer USA Ltd.')
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe (sign: 'Avast Software s.r.o.')
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_0570478011758f12\Intel_PIE_Service.exe (sign: 'Intel Corporation')
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK Computer Inc.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Denuvo Anti-Cheat Update Service - C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat-update-service.exe (invalid sign: CERT_E_CHAINING - Denuvo GmbH - 2388E96064AC83577E07C707727137DEE81F216F)
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.70\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom SCM (sign: 'Overwolf Ltd')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe (sign: 'Wellbia.com Co., Ltd.')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe (sign: 'KRAFTON, Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R0: aswbidsh - C:\WINDOWS\system32\drivers\aswbidsh.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswbuniv - C:\WINDOWS\system32\drivers\aswbuniv.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswRvrt - C:\WINDOWS\system32\drivers\aswRvrt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R0: aswVmm - C:\WINDOWS\system32\drivers\aswVmm.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: Asusgio3 - C:\WINDOWS\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: aswArPot - C:\WINDOWS\system32\drivers\aswArPot.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswbidsdriver - C:\WINDOWS\system32\drivers\aswbidsdriver.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswKbd - C:\WINDOWS\system32\drivers\aswKbd.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswMonFlt - C:\WINDOWS\system32\drivers\aswMonFlt.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswNetHub - C:\WINDOWS\system32\drivers\aswNetHub.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswRdr - C:\WINDOWS\system32\drivers\aswRdr2.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswSnx - C:\WINDOWS\system32\drivers\aswSnx.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: aswSP - C:\WINDOWS\system32\drivers\aswSP.sys (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R1: MSIO - C:\WINDOWS\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R1: netfilter2 - C:\WINDOWS\system32\drivers\netfilter2.sys (+safe mode) (sign: 'Avast Software s.r.o.')
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV20 - C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: aswStm - C:\WINDOWS\system32\drivers\aswStm.sys (+safe mode) (sign: 'Microsoft' - Gen Digital Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw10) - C:\WINDOWS\System32\drivers\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (invalid sign: CERT_E_CHAINING - Advanced Micro Devices, Inc - 6C33D9E8ED5C745C079CC9CCE37EF9449E428A91)
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_61347c5cb0cff547\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\WINDOWS\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NvModuleTracker - C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\WINDOWS\System32\drivers\nvvhci.sys (sign: 'Nvidia Corporation')
O23 - Driver R3: Razer 008a Service - (RzDev_008a) - C:\WINDOWS\System32\drivers\RzDev_008a.sys (sign: 'Razer USA Ltd.')
O23 - Driver R3: Razer Control Service - (RzCommon) - C:\WINDOWS\System32\drivers\RzCommon.sys (sign: 'Razer USA Ltd.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\WINDOWS\System32\drivers\bthmodem.sys (not signed - Microsoft Corporation - 4F9AFC33289DADF4FC78FC744B3B163810C7ECD1)
O23 - Driver S3: cpuz158 - C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys (sign: 'Microsoft' - CPUID)
O23 - Driver S3: Denuvo Anti-Cheat - C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat.sys (sign: 'Microsoft' - Denuvo GmbH)
O23 - Driver S3: EAAntiCheat - C:\WINDOWS\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: UniFairy_x64 - C:\Windows\system32\drivers\UniFairy_x64.sys (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S3: unirsdt - C:\Windows\system32\drivers\unirsdt.sys (+safe mode) (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S3: xhunter1 - C:\WINDOWS\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'aswNetHub'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'aswStm'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'netfilter2'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw10'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'


--
End of file - Time spent: 18 sec. - 80970 bytes, CRC32: FFFFFFFF. Sign: ᢨ᪝

Logfile of HiJackThis+ (Plus) build 2024-10-15 Alpha v.3.4.0.11

Platform:  x64 Windows 10 (Home), 10.0.19045.4780 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      27.10.2024 - 12:15 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    10066 MiB Free. Loading RAM (25 %), CPU (14 %)
Elevated:  Yes
Ran by:    Berkan    (group: Administrators; type: Local) on BERKAN, FirstRun: yes

Chrome:  126.0.6478.127
Firefox: 131.0.3.223
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   4  C:\Program Files (x86)\Glorious CORE\Glorious Core.exe
   2  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avpui.exe
   1  C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
   1  C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
   1  C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
   1  C:\Program Files\Process Lasso\bitsumsessionagent.exe
   1  C:\Program Files\Process Lasso\ProcessGovernor.exe
   1  C:\Program Files\Process Lasso\ProcessLasso.exe
   1  C:\Program Files\Process Lasso\srvstub.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\reWASD\reWASDService.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Users\Nazlı\Desktop\ThrottleStop\ThrottleStop.exe
   1  C:\Users\Nazlı\Desktop\Wallpaper.Engine.v2.0.48\wallpaper_engine\bin\wallpaperservice32_c.exe
   1  C:\Users\Nazlı\Desktop\Wallpaper.Engine.v2.0.48\wallpaper_engine\wallpaper64.exe
   1  C:\Users\Nazlı\Desktop\Yeni klasör (2)\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\cmd.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0403852.inf_amd64_63c1d613d771eff0\B400781\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0403852.inf_amd64_63c1d613d771eff0\B400781\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\MoUsoCoreWorker.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\SppExtComObj.Exe
   1  C:\Windows\System32\sppsvc.exe
  76  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4950_none_7dd913727cb4d87c\TiWorker.exe

O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 license.piriform.com
O1 - Hosts: 127.0.0.1 vvv.license.piriform.com
O1 - Hosts: 127.0.0.1 speccy.piriform.com
O1 - Hosts: 127.0.0.1 vvv.speccy.piriform.com
O1 - Hosts: 127.0.0.1 recuva.piriform.com
O1 - Hosts: 127.0.0.1 vvv.recuva.piriform.com
O1 - Hosts: 127.0.0.1 defraggler.piriform.com
O1 - Hosts: 127.0.0.1 vvv.defraggler.piriform.com
O1 - Hosts: 127.0.0.1 ccleaner.piriform.com
O1 - Hosts: 127.0.0.1 vvv.ccleaner.piriform.com
O1 - Hosts: 127.0.0.1 license-api.ccleaner.com
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [com.electron] = C:\Program Files (x86)\Glorious CORE\Glorious Core.exe (not signed - Glorious, LLC - 364C3E3F0D5A2E7A0EBE59EE42165B556E48B57A)
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2023/12/23) (sign: 'Gen Digital Inc.')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Nazlı\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/01/08) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [electron.app.BlueStacks Services] = C:\Users\Nazlı\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden (2024/01/13) (not signed - now.gg, Inc. - 7BC1B82EB0A959CB5C15E10814CFE8FF19C114EA)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/12/23) (not signed - Tonec Inc. - 55C1B10F2994789CE7831152BB13C8EEF60E10DB)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_B9FCE506868B4FC1020900A99C36340A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2023/12/25) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [movavi_suiteplatform_2.2.0_suiteplatform] = C:\Users\Nazlı\AppData\Roaming\Movavi Suite\MovaviSuite.exe --silent-platform-mode-enabled (2024/05/21) (sign: 'Movavi Software Limited')
O4 - HKCU\..\StartupApproved\Run: [movavi_suiteplatform_agent] = C:\Users\Nazlı\AppData\Roaming\Movavi Suite\AgentInformer.exe (2024/05/21) (sign: 'Movavi Software Limited')
O4 - HKCU\..\StartupApproved\Run: [reWASD Tray Agent] = C:\Program Files\reWASD\reWASDTray.exe -autoremap (2023/12/25) (sign: 'AVB Disc Soft, SIA')
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 (not signed - Intel Corporation - 7C57849F8B714AF9A4DCAA6227F862C5364C9942)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2024/01/02) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2024/05/19) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2024/01/02) (sign: 'Adobe Systems Incorporated')
O4 - HKLM\..\StartupApproved\Run32: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (2024/06/06) (sign: 'Kilonova LLC')
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2024/01/02) (invalid sign: CERT_E_CHAINING - Adobe Systems Incorporated - 679F13F7B14613F3AD93E7CBC04D1B5241741723)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Cloudflare WARP.lnk    ->    C:\Program Files (x86)\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe (file missing) (2024/07/06)
O4-32 - HKLM\..\Run: [Glorious Core] = C:\Program Files (x86)\Glorious CORE\Glorious Core.exe --hide (not signed - Glorious, LLC - 364C3E3F0D5A2E7A0EBE59EE42165B556E48B57A)
O5 - Applet: C:\Windows\System32\RTSnMg64.cpl (sign: 'Realtek Semiconductor Corp.')
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 0
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2a308ee4-48c0-4c33-921e-89ea975e84a7}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2a308ee4-48c0-4c33-921e-89ea975e84a7}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5d3b7f50-669b-4949-bc94-3b85f53571bd}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5d3b7f50-669b-4949-bc94-3b85f53571bd}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll (sign: 'Adobe Systems Incorporated')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe (sign: 'Gen Digital Inc.')
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task (.job): update-S-1-5-21-953083317-1159043885-881073205-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HardDiskSentinel (empty)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaWallpaperAppDetect (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{79CDB564-5C83-436D-B8B8-A67420F214AB} - C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{1F8CA1AF-E1BD-4175-A797-AEA1530D5954} - C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\Registry\OOBE-Maintenance - C:\Windows\system32\OOBE-Maintenance.exe 1 (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: AdobeGCInvoker-1.0-DESKTOP-TTDAPOT-Berkan - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (sign: 'Adobe Systems Incorporated')
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'Gen Digital Inc.')
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "aa824269-afbd-4d97-a59b-d951b20b2b4e" --version "6.29.11342" --silent (sign: 'Gen Digital Inc.')
O22 - Tasks: CCleanerSkipUAC - Berkan - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'Gen Digital Inc.')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')
O22 - Tasks: klcp_update - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30 (not signed - no company - 745559FF74A560957B438DBD3287D1054A76B68B)
O22 - Tasks: Microsoft_Hardware_Launch_ipoint_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (file missing)
O22 - Tasks: Microsoft_Hardware_Launch_itype_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (file missing)
O22 - Tasks: Microsoft_Hardware_Launch_mousekeyboardcenter_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (file missing)
O22 - Tasks: Microsoft_MKC_Logon_Task_ceip.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe (file missing)
O22 - Tasks: Microsoft_MKC_Logon_Task_ipoint.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (file missing)
O22 - Tasks: Microsoft_MKC_Logon_Task_itype.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (file missing)
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-953083317-1159043885-881073205-1000 - C:\Users\Nazlı\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks: Process Lasso Management Console (GUI) - C:\Program Files\Process Lasso\processlasso.exe (sign: 'Bitsum LLC')
O22 - Tasks: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE (sign: 'Samsung Electronics Co., Ltd.')
O22 - Tasks: Session agent for Process Lasso - C:\Program Files\Process Lasso\bitsumsessionagent.exe ---------------------------------------------------------------- (sign: 'Bitsum LLC')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0403852.inf_amd64_63c1d613d771eff0\B400781\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: CMigrationService - C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe (sign: 'Samsung Electronics Co., Ltd.')
O23 - Service R2: Game Controller Mapping Service - (reWASDService) - C:\Program Files\reWASD\reWASDService.exe (sign: 'AVB Disc Soft, SIA')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_24.93.16001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (sign: 'Intel Corporation - Rapid Storage Technology')
O23 - Service R2: Kaspersky Hizmeti 21.18 - (AVP21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: Process Lasso Core (Process Governor) - (ProcessGovernor) - C:\Program Files\Process Lasso\srvstub.exe "C:\Program Files\Process Lasso\processgovernor.exe" "ProcessGovernor" /exitevent:Global\ProcessGovernorExitEvent (sign: 'Bitsum LLC')
O23 - Service R2: SamsungMagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe (sign: 'Samsung Electronics Co., Ltd.')
O23 - Service R2: Wallpaper Engine Service - C:\Users\Nazlı\Desktop\Wallpaper.Engine.v2.0.48\wallpaper_engine\bin\wallpaperservice32_c.exe -x64 (sign: 'Skutta, Kristjan')
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (sign: 'Intel Corporation')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.18 - (klvssbridge64_21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Service S3: Visual Studio Installer Elevation Service - (VSInstallerElevationService) - C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe (sign: 'Microsoft')
O23 - Driver R0: @oem28.inf,%DisplayName%;Game Controller Mapper - (hidgamemap) - C:\Windows\System32\drivers\hidgamemap.sys (sign: 'AVB Disc Soft, SIA')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\Windows\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: iaStorA - C:\Windows\System32\drivers\iaStorA.sys (sign: 'Intel Corporation - Rapid Storage Technology')
O23 - Driver R0: klupd_K4W-21-18_arkmon - C:\Windows\System32\Drivers\klupd_K4W-21-18_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-18_klbg - C:\Windows\System32\Drivers\klupd_K4W-21-18_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R0: UnlockerDriver5 - C:\Program Files\Unlocker\UnlockerDriver5.sys (sign: 'Empty Loop')
O23 - Driver R1: @oem6.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver.K4W-21-18 - (klif.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-18 - (klpd.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-18 - (KLFLT.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-18 - (klbackupdisk.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-18 - (klbackupflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-18 - (klkbdflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-18 - (klpnpflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-18 - (klgse.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver.K4W-21-18 - (KLHK.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwtp.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: @oem17.inf,%ServiceName%;IDMWFP - (IDMWFP) - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R2: speedfan - C:\Windows\SysWOW64\speedfan.sys (sign: 'SOKNO S.R.L.')
O23 - Driver R3: @oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface  - (MEIx64) - C:\Windows\System32\drivers\TeeDriverW8x64.sys (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_5bf3de4243c61001\AtihdWT6.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: amdwddmg - C:\Windows\System32\DriverStore\FileRepository\u0403852.inf_amd64_63c1d613d771eff0\B400781\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-18 - (klmouflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids.K4W-21-18 - C:\ProgramData\Kaspersky Lab\AVP21.18\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-18_klark - C:\Windows\System32\Drivers\klupd_K4W-21-18_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-18_mark - C:\Windows\System32\Drivers\klupd_K4W-21-18_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: RTCore64 - C:\Program Files (x86)\MSI Afterburner\RTCore64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: ThrottleStop - C:\Users\Nazlı\AppData\Local\Temp\ThrottleStop.sys (sign: 'TechPowerUp LLC')
O23 - Driver S3: @oem19.inf,%pneteth.Service.DispName%;PdaNet Broadband - (pneteth) - C:\Windows\System32\drivers\pneteth.sys (sign: 'June Fabrics Technology Inc.')
O23 - Driver S3: @oem27.inf,%WireGuard.Name%;WireGuard - (WireGuard) - C:\Windows\System32\drivers\wireguard.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Driver S3: @oem30.inf,%vjoy%;vJoy Device - (vjoy) - C:\Windows\System32\drivers\vjoy.sys (sign: 'Shaul Eizikovich')
O23 - Driver S3: @oem34.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: HoYoProtect - C:\Windows\system32\HoYoKProtect.sys (sign: 'Microsoft' - miHoYo)
O23 - Driver S3: HWiNFO Kernel Driver (v191) - (HWiNFO_191) - C:\Users\Nazlı\AppData\Local\Temp\HWiNFO64A_191.SYS (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: Wintun - (wintun) - C:\Windows\System32\drivers\wintun.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp.K4W-21-18'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'rt640x64'
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\Nazlı


--
End of file - Time spent: 36,8 sec. - 57794 bytes, CRC32: FFFFFFFF. Sign: 怪ዄ

Logfile of HiJackThis+ (Plus) build 2024-10-15 Alpha v.3.4.0.11

Platform: x64 Windows 10 (Home), 10.0.19045.5073 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 27.10.2024 - 17:58 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 25541 MiB Free. Loading RAM (22 %), CPU (16 %)
Elevated: Yes
Ran by: xecti (group: Administrators; type: Microsoft) on DESKTOP-DA2QCO4, FirstRun: no

Chrome: 130.0.6723.70
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On)

Running processes:
Number | Path
 1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
 1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
 1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
 1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
 1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
 6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
 1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
 1 C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
 1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
 1 C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
 1 C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
 1 C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
 8 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
 1 C:\Program Files (x86)\Steam\steam.exe
 1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
 1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
 1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
 1 C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
 1 C:\Program Files\AMD\CNext\CNext\amdow.exe
 1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
 1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
 1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
 1 C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
 1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
 1 C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
 1 C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
 14 C:\Program Files\Google\Chrome\Application\chrome.exe
 1 C:\Program Files\Google\Drive File Stream\98.0.0.0\crashpad_handler.exe
 7 C:\Program Files\Google\Drive File Stream\98.0.0.0\GoogleDriveFS.exe
 1 C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
 1 C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy\Build\Lively.exe
 2 C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy\Build\Plugins\Mpv\mpv.exe
 1 C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy\Build\Plugins\Watchdog\Lively.Watchdog.exe
 1 C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe
 1 C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
 1 C:\Users\xecti\Desktop\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\System32\AggregatorHost.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\cmd.exe
 1 C:\Windows\System32\CompPkgSrv.exe
 10 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\DataExchangeHost.exe
 3 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe
 1 C:\Windows\System32\DriverStore\FileRepository\u0408380.inf_amd64_a2a50bd2d2429936\B408421\atieclxx.exe
 1 C:\Windows\System32\DriverStore\FileRepository\u0408380.inf_amd64_a2a50bd2d2429936\B408421\atiesrxx.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\MoUsoCoreWorker.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 1 C:\Windows\System32\rundll32.exe
 9 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchFilterHost.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SearchProtocolHost.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 81 C:\Windows\System32\svchost.exe
 1 C:\Windows\System32\taskhostw.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O1 - Hosts: 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 vvv.fitgirlrepacks.in # Fake FitGirl site
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\130.0.6723.70\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\98.0.0.0\GoogleDriveFS.exe --startup_mode (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (2024/10/19) (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\xecti\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/08/11) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2024/08/11) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2024/08/11) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [LosslessScaling] = "D:\SteamLibrary\steamapps\common\Lossless Scaling\LosslessScaling.exe" -StartMinimized (file missing) (2024/08/17)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_101FB2493CEBED039D5412F470A78B81] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/08/11) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/08/17) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (2024/09/29) (sign: 'Razer USA Ltd.')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\xecti\AppData\Local\Temp\_iu14D2N.tmp -> DELETE
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2024/08/17) (sign: 'SteelSeries ApS')
O4 - HKLM\..\StartupApproved\Run: [XPG-Prime] = C:\Program Files\XPG\XPG-Prime\XPG-Prime.exe --hide (2024/09/29) (not signed - GitHub, Inc. - B4FE3FF7F9E2198313C4CD5717587D92A0AA14E4)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FxSound.lnk -> C:\Program Files (x86)\FxSound LLC\FxSound\FxSound.exe (file missing) (2024/08/11)
O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\98.0.0.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem') (sign: 'Google LLC')
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\98.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Local service') (sign: 'Google LLC')
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\98.0.0.0\GoogleDriveFS.exe --startup_mode (User 'Network service') (sign: 'Google LLC')
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (sign: 'Kilonova LLC')
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{c059126d-6d5b-494a-9f3d-7d7617e7f354}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{c059126d-6d5b-494a-9f3d-7d7617e7f354}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll (sign: 'Adobe Inc.')
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\98.0.0.0\drivefsext.dll (sign: 'Google LLC')
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\98.0.0.0\x86\drivefsext.dll (sign: 'Google LLC')
O22 - Task (.job): (Not scheduled) update-S-1-5-21-3355115261-3143145442-3590420026-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaWallpaperAppDetect (sign: 'Microsoft')
O22 - Tasks: \FxSound\Update - C:\Program Files\FxSound LLC\FxSound\updater.exe /silent (file missing)
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{0676B5BA-5C69-426A-BB10-BABAD6AE9110} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\Clip\ClipESU - C:\Windows\system32\clipesu.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" (sign: '')
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" (sign: '')
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (file missing)
O22 - Tasks: Launch Adobe CCXProcess - C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (sign: 'Adobe Inc.')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: RTSS - C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe /s (file missing)
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: update-S-1-5-21-3355115261-3143145442-3590420026-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (sign: 'Adobe Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0408380.inf_amd64_a2a50bd2d2429936\B408421\atiesrxx.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Chroma Stream Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (sign: 'Razer USA Ltd.')
O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (sign: 'Razer USA Ltd.')
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\Windows\RtkBtManServ.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.70\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: SteelSeries GG Update Service Proxy - (SteelSeriesGGUpdateServiceProxy) - C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe (sign: 'SteelSeries ApS')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\Windows\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R1: CTIIO - C:\Windows\system32\drivers\CtiIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R2: AMDRyzenMasterDriverV27 - C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices')
O23 - Driver R2: googledrivefs31626 - C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys (sign: 'Microsoft' - Google, Inc.)
O23 - Driver R3: AMD Controller Emulation - (AMDXE) - C:\Windows\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_4ad1437aef138551\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: amduw23g - C:\Windows\System32\DriverStore\FileRepository\u0408380.inf_amd64_a2a50bd2d2429936\B408421\amdkmdag.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: FxSound Audio Enhancer - (FXVAD) - C:\Windows\system32\drivers\fxvad.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver R3: Razer 02a2 Service - (RzDev_02a2) - C:\Windows\System32\drivers\RzDev_02a2.sys (sign: 'Razer USA Ltd.')
O23 - Driver R3: Razer Control Service - (RzCommon) - C:\Windows\System32\drivers\RzCommon.sys (sign: 'Razer USA Ltd.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: RTCore64 - C:\Program Files (x86)\MSI Afterburner\RTCore64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: SteelSeries Device Factory Service - (ssdevfactory) - C:\Windows\System32\drivers\ssdevfactory.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries HID Service - (sshid) - C:\Windows\System32\drivers\sshid.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries Sonar Driver - (SteelSeries_Sonar_VAD) - C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys (sign: 'SteelSeries ApS')
O23 - Driver S3: ACE-SSC-DRV64 - C:\Program Files\AntiCheatExpert\SGuard\x64\plugins\ACE-SSC-DRV64.sys (file missing)
O23 - Driver S3: cpuz155 - C:\Windows\temp\cpuz155\cpuz155_x64.sys (file missing)
O23 - Driver S3: EAAntiCheat - C:\Windows\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: libusb-win32 - Kernel Driver 08/02/2012 1.2.6.0 - (libusb0) - C:\Windows\system32\DRIVERS\libusb0.sys (sign: 'Travis Lee Robinson')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: Realtek Bluetooth Filter Driver - (RtkBtFilter) - C:\Windows\System32\drivers\RtkBtfilter.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Connectivity Device Driver V2 - (ss_conn_usb_driver2) - C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'

--
End of file - Time spent: 12,2 sec. - 47804 bytes, CRC32: FFFFFFFF. Sign: 驆践

O4 - HKLM\..\RunOnce: [msedge_cleanup_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}] = C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.46\Installer\setup.exe --msedge --channel=stable --delete-old-versions --system-level --verbose-logging --on-logon (sign: 'Microsoft')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\gener.DESKTOP-5MMH4LA\AppData\Local\Temp\_iu14D2R.tmp -> DELETE.
O4 - HKLM\..\StartupApproved\Run32: [MicrosoftEdgeAutoLaunch_078848C872E0FDB87E5E545FF74B8F47] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/09/10) (sign: 'Microsoft')
O22 - Tasks: Driver Booster SkipUAC (gener) - C:\Program Files (x86)\IObit\Driver Booster\11.6.0\DriverBooster.exe /skipuac (file missing)
O22 - Tasks: Driver Booster Update - C:\Program Files (x86)\IObit\Driver Booster\11.6.0\AutoUpdate.exe /auto (file missing)
O23 - Service R2: x887827 - C:\Windows\System32\svchost.exe -k DcomLaunch; "ServiceDll" = C:\Windows\System32\x887827.dat (not signed - no company - C5C01B60F4B8B7B37A91CFE0C413D05AE22AC945)
O23 - Service R2: x922515 - C:\Windows\System32\svchost.exe -k DcomLaunch; "ServiceDll" = C:\Windows\System32\x922515.dat (not signed - no company - C5C01B60F4B8B7B37A91CFE0C413D05AE22AC945)

O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_101FB2493CEBED039D5412F470A78B81] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/08/11) (sign: 'Microsoft')
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\xecti\AppData\Local\Temp\_iu14D2N.tmp -> DELETE

Logfile of HiJackThis+ (Plus) build 2024-11-10 Alpha v.3.4.0.12


Boot mode: Normal (Secure Boot: On)



Running processes:


Number | Path


   4  C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe


   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe


   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe


   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe


   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe


   1  C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe


   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe


   1  C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe


   1  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe


   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe


   1  C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\14.4.0.11537\AdskLicensingService\AdskLicensingService.exe


   1  C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe


   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe


   2  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe


   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avpui.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\DCCPIPCtrlWnd.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\DesktopParts.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\FloatingMenu.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDCCBackGroundService.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDisplayControlCenterService.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\MousePositioningWnd.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\PrintAssitWnd.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\WndMsgHelper.exe


   1  C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\x64\DCCDataHelper.exe


   1  C:\Program Files (x86)\LightingService\LightingService.exe


   6  C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe


   1  C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe


   5  C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe


   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe


   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe


   1  C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe


   1  C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe


   1  C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe


   1  C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe


   1  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe


   1  C:\Program Files\AMD\CNext\CNext\amdow.exe


   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe


   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe


   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe


   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe


   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe


   1  C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe


   1  C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe


   1  C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe


   1  C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe


   1  C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe


   1  C:\Program Files\ASUS\ASUS Monitor Control\AsMonitorControl.exe


   1  C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe


   1  C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe


   1  C:\Program Files\ASUS\GlideX\GlideXService.exe


   1  C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe


   1  C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe


   1  C:\Program Files\Bonjour\mDNSResponder.exe


   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe


   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\DCCPIPCtrlWnd1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\DesktopParts1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\FloatingMenu1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\LenovoAccessoriesAndDisplayControlCenterService.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\LenovoGoCentral1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\MousePositioningWnd1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\PrintAssitWnd1.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\UDCCBackGroundService.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\UDCCDataHelper.exe


   1  C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\WndMsgHelper1.exe


   1  C:\Program Files\Lenovo\UDCCLauncherService\AutoBootInstallService.exe


   1  C:\Program Files\Logitech\LogiOptions\LogiOptions.exe


   1  C:\Program Files\Maxon\Tools\mxredirect.exe


   2  C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe


   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe


   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2443.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe


   1  C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe


   1  C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.9.0_x64__qmba6cd70vzyy\ArmouryCrate.exe


   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_25.95.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe


   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_25.95.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe


   1  C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.1.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe


   1  C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.28801.70.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe


   1  C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe


   1  C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe


   1  C:\Windows\explorer.exe


   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe


   1  C:\Windows\System32\ApplicationFrameHost.exe


   1  C:\Windows\System32\ASUSACCI\ACCIMonitor.exe


   1  C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe


   1  C:\Windows\System32\audiodg.exe


   1  C:\Windows\System32\backgroundTaskHost.exe


   1  C:\Windows\System32\cmd.exe


   6  C:\Windows\System32\conhost.exe


   2  C:\Windows\System32\csrss.exe


   1  C:\Windows\System32\ctfmon.exe


   3  C:\Windows\System32\dllhost.exe


   1  C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\AsusAppService\AsusAppService.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusOptimization.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusOptimizationStartupTask.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusOSD.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSoftwareManager\AsusSoftwareManager.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSoftwareManager\AsusSupportService.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSwitch\AsusSwitch.exe


   2  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemAnalysis\AsusSystemAnalysis.exe


   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe


   1  C:\Windows\System32\DriverStore\FileRepository\DACCBF~1.INF\DAX3API.exe


   1  C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8e54c1bc7d581ad1\DAX3API.exe


   2  C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b7b93520ab179a6\Display.NvContainer\NVDisplay.Container.exe


   3  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe


   1  C:\Windows\System32\DriverStore\FileRepository\u0409016.inf_amd64_2b8774c9217183cc\B408421\atieclxx.exe


   1  C:\Windows\System32\DriverStore\FileRepository\u0409016.inf_amd64_2b8774c9217183cc\B408421\atiesrxx.exe


   1  C:\Windows\System32\dwm.exe


   2  C:\Windows\System32\fontdrvhost.exe


   1  C:\Windows\System32\lsass.exe


   1  C:\Windows\System32\oobe\UserOOBEBroker.exe


   7  C:\Windows\System32\RuntimeBroker.exe


   1  C:\Windows\System32\SearchIndexer.exe


   1  C:\Windows\System32\SecurityHealthService.exe


   1  C:\Windows\System32\SecurityHealthSystray.exe


   1  C:\Windows\System32\services.exe


   1  C:\Windows\System32\sihost.exe


   1  C:\Windows\System32\smartscreen.exe


   1  C:\Windows\System32\smss.exe


   1  C:\Windows\System32\spoolsv.exe


  36  C:\Windows\System32\svchost.exe


   1  C:\Windows\System32\SystemSettingsBroker.exe


   2  C:\Windows\System32\taskhostw.exe


   1  C:\Windows\System32\wbem\unsecapp.exe


   1  C:\Windows\System32\wbem\WMIADAP.exe


   2  C:\Windows\System32\wbem\WmiPrvSE.exe


   1  C:\Windows\System32\wininit.exe


   1  C:\Windows\System32\winlogon.exe


   1  C:\Windows\System32\wlanext.exe


   3  C:\Windows\System32\WUDFHost.exe


   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe


   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe


   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe


   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe


   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe


   1  C:\Windows\SysWOW64\dllhost.exe


   1  D:\Masaüstüm\İndirilenler\HiJackThis.exe


   1  D:\Sandboxie-Plus\SbieSvc.exe



R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local


O1 - Hosts: 192.168.195.25 host.docker.internal


O1 - Hosts: 192.168.195.25 gateway.docker.internal


O1 - Hosts: 127.0.0.1 kubernetes.docker.internal


O1 - Hosts.ICS: 172.27.192.1 Bilgosh.mshome.net # 2029 4 5 20 8 23 48 675


O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.')


O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_431\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')


O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_431\bin\ssv.dll (sign: 'Oracle America, Inc.')


O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O2-32 - HKLM\..\BHO: (no name) - AutorunsDisabled - (no file)


O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.')


O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (sign: 'Adobe Inc.')


O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')


O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (sign: 'Tonec Inc.')


O4 - HKCU\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (sign: 'Razer USA Ltd.')


O4 - HKCU\..\StartupApproved\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe (2023/06/08) (sign: 'Adobe Inc.')


O4 - HKCU\..\StartupApproved\Run: [LGHUB] = C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe --minimized (2023/05/06) (sign: 'Logitech Inc')


O4 - HKCU\..\StartupApproved\Run: [SandboxiePlus_AutoRun] = D:\Sandboxie-Plus\SandMan.exe -autorun (2023/07/24) (sign: 'Tonalio GmbH')


O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/05/07) (sign: 'Valve Corp.')


O4 - HKCU\..\StartupApproved\Run: [VoicemodV3] = C:\Program Files\Voicemod V3\Voicemod.exe (2024/10/20) (sign: 'VOICEMOD, INC. SUCURSAL EN ESPAÑA')


O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\bilge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ActivityWatch.lnk    ->    D:\ActivityWatch\aw-qt.exe (1601/01/01) (not signed - no company - EC67EF495E2E6ECA794FBCE2770CF0A67B9B4655)


O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\bilge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (file missing) /tsr (1601/01/01)


O4 - HKLM\..\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui (sign: 'Logitech Inc')


O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (2023/05/07) (sign: 'Adobe Systems Incorporated')


O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2024/02/25) (sign: 'Adobe Inc.')


O4 - HKLM\..\StartupApproved\Run32: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (2023/05/07) (sign: 'Adobe Inc.')


O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (2023/05/07) (sign: 'Adobe Inc.')


O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/05/08) (sign: 'Oracle America, Inc.')


O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\94.0.1.0\GoogleDriveFS.exe --startup_mode (file missing) (User 'LocalSystem')


O4 - HKU\S-1-5-18\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'LocalSystem') (sign: 'Razer USA Ltd.')


O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\94.0.1.0\GoogleDriveFS.exe --startup_mode (file missing) (User 'Local service')


O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')


O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\94.0.1.0\GoogleDriveFS.exe --startup_mode (file missing) (User 'Network service')


O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')


O4 - MountPoints2: HKCU\..\{0b81f0be-257f-11ef-90e0-1068381771e0}\shell\AutoRun\command: (default) = "E:\SanDisk Drive Unlock.exe" autoplay=true (file missing)


O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled (folder)


O4-32 - HKLM\..\Run: [ASUS Smart Display Control] = C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe (sign: 'ASUSTeK COMPUTER INC.')


O5 - Applet: C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl (sign: 'Adobe Inc.')


O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1


O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1


O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B)


O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)


O9-32 - Button: HKLM\..\AutorunsDisabled: (no name) - (no file)


O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll (sign: 'Apple Inc.')


O17 - DHCP DNS 1: 9.9.9.9 (Well-known DNS: Quad9)


O17 - DHCP DNS 2: 149.112.112.112 (Well-known DNS: Quad9)


O17 - DHCP DNS 3: 45.90.28.0


O17 - DHCP DNS 4: 45.90.30.0


O17 - HKLM\System\CCS\Services\Tcpip\..\{06e9c6d3-eb82-41aa-85d8-62a544f0db15}: [NameServer] = 45.90.28.0


O17 - HKLM\System\CCS\Services\Tcpip\..\{06e9c6d3-eb82-41aa-85d8-62a544f0db15}: [NameServer] = 45.90.30.0


O17 - HKLM\System\CCS\Services\Tcpip\..\{528bcae9-f873-47d0-9efb-a5f3185a4739}: [NameServer] = 149.112.112.112 (Well-known DNS: Quad9)


O17 - HKLM\System\CCS\Services\Tcpip\..\{528bcae9-f873-47d0-9efb-a5f3185a4739}: [NameServer] = 9.9.9.9 (Well-known DNS: Quad9)


O17 - HKLM\System\CCS\Services\Tcpip\..\{7cee2d3a-cb0c-498d-af66-d2a2d2f48d92}: [NameServer] = 149.112.112.112 (Well-known DNS: Quad9)


O17 - HKLM\System\CCS\Services\Tcpip\..\{7cee2d3a-cb0c-498d-af66-d2a2d2f48d92}: [NameServer] = 9.9.9.9 (Well-known DNS: Quad9)


O17 - HKLM\System\CCS\Services\Tcpip\..\{a5ac9000-c1d7-418b-8b73-b977fba27453}: [NameServer] = 198.51.100.1


O17 - HKLM\System\CCS\Services\Tcpip\..\{a5ac9000-c1d7-418b-8b73-b977fba27453}: [NameServer] = 198.51.100.2


O17 - HKLM\System\CCS\Services\Tcpip\..\{c774084c-19bc-4ffd-8c57-7327039a7cca}: [NameServer] = 45.90.28.0


O17 - HKLM\System\CCS\Services\Tcpip\..\{c774084c-19bc-4ffd-8c57-7327039a7cca}: [NameServer] = 45.90.30.0


O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll (sign: 'Adobe Inc.')


O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.')


O22 - Task (.job): update-S-1-5-21-1207519633-2380708945-2958166483-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')


O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (sign: 'OOO Lightshot')


O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PowerToys (empty)


O22 - Tasks: (damaged) AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (user missing) (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')


O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')


O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (sign: 'Microsoft')


O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\sc.exe start InventorySvc (sign: '')


O22 - Tasks: (disabled) \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)


O22 - Tasks: (disabled) \Lenovo\Lenovo Display Control Center\LDCCServiceInstall - C:\Users\bilge\AppData\Local\Temp\D215BAC7-5414-4c69-A3C2-296441410A9C\LDCCService.exe /StartByTask (file missing)


O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\Windows\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')


O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\Windows\System32\WaaSMedicSvc.dll (sign: 'Microsoft')


O22 - Tasks: (disabled) BraveSoftwareUpdateTaskMachineCore{79252E29-CD0E-45FB-A3AE-441C7839AB5E} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (sign: 'Brave Software, Inc.')


O22 - Tasks: (disabled) BraveSoftwareUpdateTaskMachineUA{C1ABAE15-ED8C-4036-ABBA-11F7BFE2E859} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (sign: 'Brave Software, Inc.')


O22 - Tasks: (disabled) DashboardNotificationManager Task - C:\Program Files (x86)\Western Digital\SSD Dashboard\DashboardNotificationManager\DashboardNotificationManager.exe (not signed - no company - 742C7B93DE7F70FE3B12BEA9DBF7629631C77E60)


O22 - Tasks: (disabled) NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe -minimized (sign: 'NVIDIA Corporation')


O22 - Tasks: (disabled) Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (sign: 'Overwolf Ltd')


O22 - Tasks: (disabled) SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe --disable-gpu-sandbox /AUTOHIDE (sign: 'Samsung Electronics Co., Ltd.')


O22 - Tasks: (disabled) update-S-1-5-21-1207519633-2380708945-2958166483-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')


O22 - Tasks: (disabled) update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (sign: 'OOO Lightshot')


O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')


O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')


O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaWallpaperAppDetect (sign: 'Microsoft')


O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\Windows\system32\sdbinst.exe -mm (sign: 'Microsoft')


O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \ASUS\Armoury Crate Service Task_CountDown - C:\ProgramData\ASUS\FestsEffect\data\CountDown\CountDown.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1d97f9ac045d7d5 - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe --delay (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (file missing)


O22 - Tasks: \Mozilla\Firefox Background Update S-1-5-21-1207519633-2380708945-2958166483-1001 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate (sign: 'Mozilla Corporation')


O22 - Tasks: \Mozilla\Firefox Background Update S-1-5-21-1207519633-2380708945-2958166483-1020 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate (sign: 'Mozilla Corporation')


O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')


O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')


O22 - Tasks: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (sign: 'Adobe Inc.')


O22 - Tasks: Adobe-Genuine-Software-Integrity-Scheduler-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (sign: 'Adobe Inc.')


O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')


O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')


O22 - Tasks: AMDScoSupportTypeUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /UpdateScoSupportType (sign: 'Advanced Micro Devices')


O22 - Tasks: ASUS Hotplug Controller - C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe (sign: 'ASUSTEK COMPUTER INCORPORATION')


O22 - Tasks: ASUS Monitor Control - C:\Program Files\ASUS\ASUS Monitor Control\AsMonitorControl.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: ASUS Optimization 36D18D69AFC3 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusHotkey.exe -CancelShutdown (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: ASUS Update Checker 2.0 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSoftwareManager\AsusUpdateChecker.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: ASUSSmartDisplayControl - C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (sign: 'ASUSTeK COMPUTER INC.')


O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')


O22 - Tasks: Launch Adobe CCXProcess - C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (sign: 'Adobe Inc.')


O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')


O22 - Tasks: NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe (sign: 'NVIDIA Corporation')


O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1207519633-2380708945-2958166483-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')


O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1207519633-2380708945-2958166483-1020 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')


O22 - Tasks: RtkAudUService64_BG - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')


O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')


O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')


O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')


O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (sign: 'Adobe Inc.')


O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrsr.exe (sign: 'Microsoft')


O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0409016.inf_amd64_2b8774c9217183cc\B408421\atiesrxx.exe (sign: 'Advanced Micro Devices')


O23 - Service R2: Armoury Crate Control Interface - (ArmouryCrateControlInterface) - C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS App Service - (AsusAppService) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\AsusAppService\AsusAppService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS Optimization - (ASUSOptimization) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusOptimization.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS Software Manager - (ASUSSoftwareManager) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSoftwareManager\AsusSoftwareManager.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS Switch - (ASUSSwitch) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSwitch\AsusSwitch.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS System Analysis - (ASUSSystemAnalysis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemAnalysis\AsusSystemAnalysis.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: ASUS System Diagnosis - (ASUSSystemDiagnosis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: Autodesk Desktop Licensing Service - (AdskLicensingService) - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe (sign: 'Autodesk, Inc.')


O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe (sign: 'Apple Inc.')


O23 - Service R2: CMigrationService - C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe (sign: 'Samsung Electronics Co., Ltd.')


O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8e54c1bc7d581ad1\DAX3API.exe (sign: 'Dolby Laboratories, Inc.')


O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (sign: 'Flexera Software LLC')


O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_25.95.1001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')


O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_25.95.1001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')


O23 - Service R2: GlideX Near Service - (GlideXNearService) - C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: GlideX Remote Service - (GlideXRemoteService) - C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: GlideX Service - (GlideXService) - C:\Program Files\ASUS\GlideX\GlideXService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: GlideX Service Extension - (GlideXServiceExt) - C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: Kaspersky Hizmeti 21.18 - (AVP21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\avp.exe -r (sign: 'Kaspersky Lab JSC')


O23 - Service R2: Lenovo Accessories and Display Manager Service - (LenovoAccessoriesandDisplayManagerService) - C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\UDCCBackGroundService.exe (sign: 'Lenovo')


O23 - Service R2: Lenovo Display Control Center Service - (LenovoDisplayControlCenterService) - C:\Program Files (x86)\Lenovo\LenovoDisplayControlCenterService\LenovoDCCBackGroundService.exe (sign: 'Lenovo (Beijing) Limited')


O23 - Service R2: mxredirect - C:\Program Files\Maxon\Tools\mxredirect.exe (sign: 'Maxon Computer GmbH')


O23 - Service R2: NVIDIA Broadcast LocalSystem Container - (NvBroadcast.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe -s NvBroadcast.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvBroadcast.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\plugins\LocalSystem" -r -p 30000  (sign: 'Nvidia Corporation')


O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b7b93520ab179a6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b7b93520ab179a6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')


O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA app\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000  -ert (sign: 'NVIDIA Corporation')


O23 - Service R2: PACE License Services - (PaceLicenseDServices) - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -u hxxps://activation.paceap.com/InitiateActivation (sign: 'PACE Anti-Piracy, Inc.')


O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (sign: 'Razer USA Ltd.')


O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (sign: 'Razer USA Ltd.')


O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (sign: 'Razer USA Ltd.')


O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_8b8f1bcdf16553b6\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')


O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service R2: Sandboxie Service - (SbieSvc) - D:\Sandboxie-Plus\SbieSvc.exe (sign: 'Tonalio GmbH')


O23 - Service R2: UDCC Launcher Service - (UDCCLauncherService) - C:\Program Files\Lenovo\UDCCLauncherService\AutoBootInstallService.exe (sign: 'Lenovo')


O23 - Service R2: WD Drive Manager - (WDDriveService) - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (sign: 'Western Digital Technologies, Inc.')


O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service S2: AsusROGLSLService Download ROGLSLoader - (AsusROGLSLService) - C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe -runservice (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (file missing)


O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')


O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')


O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\24.206.1013.0004\FileSyncHelper.exe (sign: 'Microsoft')


O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (file missing)


O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.18 - (klvssbridge64_21.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.18\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')


O23 - Service S3: Kaspersky VPN Secure Connection Hizmeti 5.18 - (KSDE5.18) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe -r (sign: 'Kaspersky Lab JSC')


O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')


O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')


O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\24.206.1013.0004\OneDriveUpdaterService.exe (sign: 'Microsoft')


O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')


O23 - Driver R: Sandboxie Kernel Mode Driver - D:\Sandboxie-Plus\SbieDrv.sys (sign: 'Microsoft' - Sandboxie-Plus.com)


O23 - Driver R0: AMD Micro PEP Device - (AmdMicroPEP) - C:\Windows\System32\drivers\AmdMicroPEP.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')


O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\Windows\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')


O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\Windows\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R0: klupd_K4W-21-18_arkmon - C:\Windows\System32\Drivers\klupd_K4W-21-18_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R0: klupd_K4W-21-18_klbg - C:\Windows\System32\Drivers\klupd_K4W-21-18_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Asusgio3 - C:\Windows\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')


O23 - Driver R1: ATKWMIACPI Driver - (ATKWMIACPIIO) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSOptimization\AsusWmiAcpi.sys (sign: 'ASUSTeK COMPUTER INC.')


O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\Windows\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab Driver.K4W-21-18 - (klif.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-18 - (klpd.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-18 - (KLFLT.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-18 - (klbackupdisk.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-18 - (klbackupflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-18 - (klkbdflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-18 - (klpnpflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-18 - (klgse.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: Kaspersky Lab service driver.K4W-21-18 - (KLHK.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: kldisk.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: klwtp.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: kneps.K4W-21-18 - C:\Windows\system32\DRIVERS\K4W-21-18\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R1: veracrypt - C:\Windows\System32\drivers\veracrypt.sys (sign: 'Microsoft' - IDRIX)


O23 - Driver R1: VirtualBox NDIS6 Bridged Networking Service - (VBoxNetLwf) - C:\Windows\system32\DRIVERS\VBoxNetLwf.sys (+safe mode) (sign: 'Oracle Corporation')


O23 - Driver R1: VirtualBox Service - (VBoxSup) - C:\Windows\system32\DRIVERS\VBoxSup.sys (sign: 'Oracle Corporation')


O23 - Driver R1: VirtualBox USB Monitor Service - (VBoxUSBMon) - C:\Windows\system32\DRIVERS\VBoxUSBMon.sys (sign: 'Oracle Corporation')


O23 - Driver R2: AMD_DPFC Service - (amd_dpfc) - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b7b93520ab179a6\amd_dpfc.sys (sign: 'Advanced Micro Devices')


O23 - Driver R2: AMDRyzenMasterDriverV26 - C:\Windows\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices')


O23 - Driver R2: BlueStacks Hypervisor_nxt - (BlueStacksDrv_nxt) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys (sign: 'Microsoft' - Bluestack System Inc.)


O23 - Driver R2: IDMWFP - C:\Windows\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)


O23 - Driver R3: AMD Controller Emulation - (AMDXE) - C:\Windows\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')


O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)


O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_05bfde18331c4d58\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)


O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\Windows\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_4ad1437aef138551\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)


O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\Windows\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')


O23 - Driver R3: AMD I2C Controller Service - (amdi2c) - C:\Windows\System32\drivers\amdi2c.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')


O23 - Driver R3: AMDSAFD - C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys (sign: 'Microsoft' - Advanced Micro Devices)


O23 - Driver R3: amduw23g - C:\Windows\System32\DriverStore\FileRepository\u0409016.inf_amd64_2b8774c9217183cc\B408421\amdkmdag.sys (sign: 'Advanced Micro Devices')


O23 - Driver R3: ASUS Precision Touch Service - (AsusPTPDrv) - C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_ebab82ab1cf6be11\AsusPTPFilter.sys (sign: 'ASUSTeK COMPUTER INC.')


O23 - Driver R3: AsusSAIO - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_a61e5ab0aed04d3c\ASUSSystemAnalysis\AsusSAIO.sys (sign: 'ASUSTeK COMPUTER INC.')


O23 - Driver R3: Audio Coprocessr Driver for DSP - (amdacpbus) - C:\Windows\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_3e4eb1c770789ad1\amdacpbus.sys (sign: 'Advanced Micro Devices')


O23 - Driver R3: Famatech Radmin VPN Miniport - (RvNetMP60) - C:\Windows\System32\drivers\RvNetMP60.sys (+safe mode) (sign: 'Microsoft' - Famatech Corp.)


O23 - Driver R3: HID-Compliant Mouse - (hanvonugeemfilter) - C:\Windows\System32\drivers\hanvonugeemfilter.sys (not signed - Windows (R) Win 7 DDK provider - 56D0B1F479A1E9A00D49A2283150456424ACFC14)


O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-18 - (klmouflt.K4W-21-18) - C:\Windows\system32\DRIVERS\K4W-21-18\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R3: Kaspersky VPN - (kltun) - C:\Windows\system32\DRIVERS\kltun.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R3: klids.K4W-21-18 - C:\ProgramData\Kaspersky Lab\AVP21.18\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R3: klupd_K4W-21-18_klark - C:\Windows\System32\Drivers\klupd_K4W-21-18_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R3: klupd_K4W-21-18_mark - C:\Windows\System32\Drivers\klupd_K4W-21-18_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)


O23 - Driver R3: Logitech G HUB Translation Layer Driver - (logi_joy_xlcore) - C:\Windows\system32\drivers\logi_joy_xlcore.sys (sign: 'Logitech Inc')


O23 - Driver R3: Logitech G HUB Virtual Bus Enumerator Driver - (logi_joy_bus_enum) - C:\Windows\system32\drivers\logi_joy_bus_enum.sys (sign: 'Logitech Inc')


O23 - Driver R3: Mediatek PCI LE Extensible Wireless LAN Card Driver - (mtkwlex) - C:\Windows\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_f698a1260525f27b\mtkwl6ex.sys (+safe mode) (sign: 'MEDIATEK INC.')


O23 - Driver R3: MTK BT Filter Driver - (MTKBTFilterx64) - C:\Windows\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_4e18fe2e122d5d00\mtkbtfilterx.sys (sign: 'Microsoft' - MediaTek Inc.)


O23 - Driver R3: NVIDIA Broadcast - (nvrtxvad_WaveExtensible) - C:\Windows\system32\drivers\nvrtxvad64v.sys (sign: 'Nvidia Corporation')


O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\Windows\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')


O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_8b7b93520ab179a6\nvlddmkm.sys (sign: 'NVIDIA Corporation')


O23 - Driver R3: NVPCF Service - (nvpcf) - C:\Windows\System32\drivers\nvpcf.sys (sign: 'NVIDIA Corporation')


O23 - Driver R3: Parade HID Device - (PRHidDrv) - C:\Windows\System32\DriverStore\FileRepository\prhiddrv.inf_amd64_029df2e6729198b4\PRHidDrv.sys (sign: 'Microsoft' - Parade Technologies, Ltd.)


O23 - Driver R3: Parade SPB Peripheral Device - (PRSpbDrv) - C:\Windows\System32\drivers\PRSpbDrv.sys (sign: 'Microsoft' - Parade Technologies, Ltd.)


O23 - Driver R3: Razer 009c Service - (RzDev_009c) - C:\Windows\System32\drivers\RzDev_009c.sys (sign: 'Razer USA Ltd.')


O23 - Driver R3: Razer Control Service - (RzCommon) - C:\Windows\System32\drivers\RzCommon.sys (sign: 'Razer USA Ltd.')


O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_dbd9b908616006c6\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')


O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\Windows\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')


O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')


O23 - Driver R3: VB-Audio Virtual Cable (WDM) - (VBAudioVACMME) - C:\Windows\System32\drivers\vbaudio_cable64_win7.sys (sign: 'Vincent Burel')


O23 - Driver R3: VB-Audio VoiceMeeter VAIO (WDM) - (VBAudioVMVAIOMME) - C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys (sign: 'Vincent Burel')


O23 - Driver R3: VirtualBox NDIS 6.0 Miniport Service - (VBoxNetAdp) - C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys (+safe mode) (sign: 'Oracle Corporation')


O23 - Driver R3: Voicemod Virtual Audio Device (WDM) - (VOICEMOD_Driver) - C:\Windows\system32\drivers\mvvad.sys (sign: 'Voicemod Sociedad Limitada')


O23 - Driver R3: XP-Pen Tablet - (XPPenTablet) - C:\Windows\System32\drivers\XPPenTablet.sys (not signed - Windows (R) Win 7 DDK provider - 7ABADAA5A94CB9CE03BECC1F5217F33B6B8BE786)


O23 - Driver S2: AMDRyzenMasterDriverV27 - C:\Windows\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices')


O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')


O23 - Driver S3: Logitech G HUB Virtual HID Device Driver - (logi_joy_vir_hid) - C:\Windows\system32\drivers\logi_joy_vir_hid.sys (sign: 'Logitech Inc')


O23 - Driver S3: LogMeIn Hamachi Virtual Miniport) - (Hamachi) - C:\Windows\system32\DRIVERS\Hamdrv.sys (+safe mode) (sign: 'Microsoft' - LogMeIn Inc.)


O23 - Driver S3: Razer 008c Service - (RzDev_008c) - C:\Windows\System32\drivers\RzDev_008c.sys (sign: 'Razer USA Ltd.')


O23 - Driver S3: Realtek Bluetooth Filter Driver - (RtkBtFilter) - C:\Windows\System32\drivers\RtkBtfilter.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')


O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')


O23 - Driver S3: xhunter1 - C:\Windows\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Hamachi'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klim6'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'kltun'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'klwtp.K4W-21-18'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'mtkwlex'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'RvNetMP60'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'VBoxNetAdp'


O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'VBoxNetLwf'




--


End of file - Time spent: 29,1 sec. - 107768 bytes, CRC32: FFFFFFFF.