HijackThis Log Paylaşımı ve Çözümleri

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.28

Platform:  x64 Windows 10 (Pro), 10.0.19045.2788 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      12.04.2023 - 23:31 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    11146 MiB Free (32 %). CPU Loading: (5 %)
Elevated:  Yes
Ran by:    isikm    (group: Administrators) on DESKTOP-63ONJBO, FirstRun: no

Internet Explorer: 11.0.19041.1566
Default: "C:\Users\isikm\AppData\Local\Programs\Opera GX\Launcher.exe" -noautoupdate -- "%1" (Opera GX Internet Browser)

Boot mode: Normal

Running processes:
Number | Path
   2  C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
   1  C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
   1  C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
   1  C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
   1  C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
   1  C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
   1  C:\Program Files (x86)\LightingService\LightingService.exe
   2  C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
   1  C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\cncmd.exe
   1  C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
   1  C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
   1  C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
   1  C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
   1  C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
   1  C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
   1  C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
   1  C:\Program Files\Riot Vanguard\vgtray.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
   1  C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
   1  C:\Users\isikm\AppData\Local\Programs\Opera GX\97.0.4719.61\opera_crashreporter.exe
  30  C:\Users\isikm\AppData\Local\Programs\Opera GX\opera.exe
   1  C:\Users\isikm\OneDrive\Masaüstü\HiJackThis.exe
   1  C:\Users\isikm\OneDrive\Masaüstü\Uygulamalar\TaskbarX_1.7.8.0_x64\TaskbarX.exe
   2  C:\Windows\explorer.exe
   1  C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
   1  C:\Windows\System32\amdfendrsr.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\AsusUpdateCheck.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\cmd.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atieclxx.exe
   1  C:\Windows\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atiesrxx.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  72  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\isikm\AppData\Local\Discord\Update.exe --processStart Discord.exe (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2023/04/04)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2023/03/01)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1C07AB1A8A0E7C92F0E94660226671CF] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\isikm\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2023/03/01)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Stable] = C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [Opera Stable] = C:\Users\isikm\AppData\Local\Programs\Opera\launcher.exe (2023/03/30)
O4 - HKCU\..\StartupApproved\Run: [PreMiD] = C:\Users\isikm\AppData\Roaming\PreMiD\PreMiD.exe --hidden (file missing) (2023/04/01)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\isikm\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2023/04/05)
O4 - HKCU\..\StartupApproved\Run: [Steam] = c:\program files (x86)\steam\steam.exe -silent (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\isikm\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (2023/04/11)
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/04/01)
O4 - Startup: C:\Users\isikm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RadeonSoftware.exe.lnk    ->    C:\Program Files (x86)\AMD\CNext\CNext\RadeonSoftware.exe
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (Not scheduled) update-S-1-5-21-2863085062-2754702272-3108706290-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Tasks: (damaged) OneDrive Standalone Update Task-S-1-5-21-2863085062-2754702272-3108706290-1004 - C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Microsoft) (user missing)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-2863085062-2754702272-3108706290-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1d964a1db6ace4e - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2863085062-2754702272-3108706290-1001 - C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2863085062-2754702272-3108706290-1004 - C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1677589127 - C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\isikm\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Tasks: Opera GX scheduled Autoupdate 1677483686 - C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: Opera scheduled Autoupdate 1680109492 - C:\Users\isikm\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks: TaskbarX DESKTOP-63ONJBOisikm - C:\Users\isikm\OneDrive\Masaüstü\Uygulamalar\TaskbarX_1.7.8.0_x64\TaskbarX.exe -tbs=2 -color=0;0;0;50 -tpop=100 -tsop=100 -as=cubiceaseinout -obas=cubiceaseinout -tbr=0 -asp=300 -ptbo=0 -stbo=0 -lr=400 -oblr=400 -sr=0 -sr2=0 -sr3=0 -ftotc=1 -rzbt=1
O22 - Tasks: update-S-1-5-21-2863085062-2754702272-3108706290-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atiesrxx.exe
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
O23 - Service R2: ARMOURY CRATE Service - (ArmouryCrateService) - C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
O23 - Service R2: AsusCertService - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
O23 - Service R2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service R2: Wallpaper Engine Service - C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc
O23 - Service S2: AsusROGLSLService Download ROGLSLoader - (AsusROGLSLService) - C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe -runservice
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Uncheater for BattleGrounds_GL - (ucldr_battlegrounds_gl) - C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O26 - Debugger: HKLM\..\mpcmdrun.exe: [Debugger] = C:\WINDOWS\System32\systray.exe (Microsoft)


--
End of file - Time spent: 2,8 sec. - 33290 bytes, CRC32: FFFFFFFF. Sign: 툨漑

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.18

Platform: x64 Windows 10 (Pro), 10.0.19045.2846 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 13.04.2023 - 08:31 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated: Yes.
Ran by: Administrator (group: Administrators) on WHOSHOTYA, FirstRun: yes.

Chrome: 112.0.5615.87
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal.

Running processes:
Number | Path.
 1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoGamingSystemAddin).exe
 1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
 1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
 1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
 2 C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
 1 C:\Program Files\LGHUB\lghub_updater.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
 1 C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
 1 C:\Users\Administrator\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
 1 C:\Users\Administrator\Downloads\HiJackThis (1).exe
 1 C:\Windows\explorer.exe
 2 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
 2 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
 1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
 1 C:\Windows\RtkBtManServ.exe
 1 C:\Windows\System32\amdfendrsr.exe
 1 C:\Windows\System32\cmd.exe
 1 C:\Windows\System32\CompPkgSrv.exe
 1 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 2 C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8183b45ddd94e6f9\DAX3API.exe
 2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
 1 C:\Windows\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atieclxx.exe
 1 C:\Windows\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atiesrxx.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\Locator.exe
 1 C:\Windows\System32\lsass.exe
 3 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SecurityHealthService.exe
 1 C:\Windows\System32\SecurityHealthSystray.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\SgrmBroker.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\sppsvc.exe
 73 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\unsecapp.exe
 1 C:\Windows\System32\wbem\WmiApSrv.exe
 3 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 2 C:\Windows\System32\WUDFHost.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
 1 D:\CNext\CNext\cncmd.exe
 1 D:\CNext\CNext\RadeonSoftware.exe

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\Run: [LenovoVantage] = C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe
O4 - HKCU\..\StartupApproved\Run: [FACEIT] = C:\Users\Administrator\AppData\Local\FACEIT\update.exe --processStart "FACEIT.exe" (2023/03/21)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/06)
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe (2023/01/06)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2023/02/13)
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5933b0ad-7707-404e-88ae-989344f28a9d}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5933b0ad-7707-404e-88ae-989344f28a9d}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O22 - Task: (damaged) C:\Windows\System32\Tasks\Lenovo\DockManager (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\BatteryGauge (empty)
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\Windows\system32\ImController.InfInstaller.exe -checkremoval
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\Windows\system32\sc.exe START ImControllerService.
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\Windows\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\1ee97a04-4c9a-4cc9-b9d0-828b34bb705e - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 1ee97a04-4c9a-4cc9-b9d0-828b34bb705e
O22 - Task: \Lenovo\ImController\TimeBasedEvents\3759c7ac-5e32-4038-bb06-8e9163f12eba - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 3759c7ac-5e32-4038-bb06-8e9163f12eba
O22 - Task: \Lenovo\ImController\TimeBasedEvents\9d0d9567-9536-446a-92d4-94f737784153 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 9d0d9567-9536-446a-92d4-94f737784153
O22 - Task: \Lenovo\ImController\TimeBasedEvents\d8c6eb83-1cb6-495b-9ca2-feda42970dd1 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger d8c6eb83-1cb6-495b-9ca2-feda42970dd1
O22 - Task: \Lenovo\Lenovo MigrationAssistant start event task - C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe
O22 - Task: \Lenovo\Lenovo Service Bridge\S-1-5-21-2300878154-2912566524-3239477617-500 - C:\Users\Administrator\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
O22 - Task: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\Windows\system32\sc.exe start LenovoVantageService.
O22 - Task: \Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe BatteryGaugeAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Task: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport
O22 - Task: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Task: \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task: \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask.
O22 - Task: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Task: AMDInstallLauncher - D:\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - D:\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: GoogleUpdateTaskMachineCore{9D3135C6-51C7-4589-A688-B2CA006D0DA1} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA{7EC9729A-0126-49F1-8280-D413E0DF5561} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler.
O22 - Task: ModifyLinkUpdate - D:\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-1002688861-594337261-4110298506-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-2300878154-2912566524-3239477617-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-3163605768-2895624184-2914059402-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (file missing)
O22 - Task: StartCN - D:\CNext\CNext\cncmd.exe startwithdelay.
O22 - Task: StartCNBM - D:\AMD\CNext\CNext\cncmd.exe benchmark.
O22 - Task: StartDVR - D:\CNext\CNext\RSServCmd.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\Windows\RtkBtManServ.exe
O23 - Service R2: AMD Crash Defender Service - C:\Windows\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0390319.inf_amd64_32d8157dec983dab\B389920\atiesrxx.exe
O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8183b45ddd94e6f9\DAX3API.exe
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\112.0.5615.87\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Yazıcı Uzantıları ve Bildirimleri - (PrintNotify) - C:\Windows\system32\svchost.exe -k print; "ServiceDll" = C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll

--
End of file - Time spent: 7,3 sec. - 29154 bytes, CRC32: FFFFFFFF. Sign: ﮹

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:57:06, on 16.04.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.0001)


Boot mode: Normal

Running processes:
C:\Users\an_fb\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\an_fb\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
C:\Users\an_fb\OneDrive\Masaüstü\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=625119&clocalename=tr-TR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\112.0.1722.48\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_3BDB52192CBC2FB9CB2A1816E000CDD5] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\an_fb\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BingSvc] C:\Users\an_fb\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [BingWallpaperApp] C:\Users\an_fb\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: FxSound.lnk = C:\Program Files\FxSound LLC\FxSound\FxSound.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{48a101ee-9520-4165-98a7-ad5da6cd8886}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Autodesk Desktop Licensing Service (AdskLicensingService) - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\Windows\System32\drivers\AdminService.exe (file missing)
O23 - Service: Autodesk Access Service Host - Autodesk, Inc. - C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Tools - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_355c9be - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @oem12.inf,%FnKeyDisplayName%;dynabook Function Key control service (DSDFunctionKeyCtlService) - Dynabook Inc. - C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe
O23 - Service: @oem12.inf,%DBDisplayName%;DSDTabletControlService (DSDTabletControlService) - Dynabook Inc. - C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDTabSysSvc.exe
O23 - Service: @oem12.inf,%RMDisplayName%;DSDWirelessLEDCtlService (DSDWirelessLEDCtlService) - Dynabook Inc. - C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe
O23 - Service: @oem12.inf,%TSSDisplayName%;dynabookSettingService (dynabookSettingService) - Dynabook Inc. - C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: FlexNet Licensing Service - Flexera - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GUBootService - Glarysoft Ltd - C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
O23 - Service: GUPMService - Glarysoft Ltd - C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @oem25.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: @oem25.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot Security Center Integration Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\Sgrm\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\Sgrm\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Yazdırma Biriktiricisi (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10121 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15233 bytes

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_1C07AB1A8A0E7C92F0E94660226671CF] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\isikm\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2023/03/01)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Stable] = C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe (2023/02/27)
O4 - HKCU\..\StartupApproved\Run: [Opera Stable] = C:\Users\isikm\AppData\Local\Programs\Opera\launcher.exe (2023/03/30)
O4 - HKCU\..\StartupApproved\Run: [PreMiD] = C:\Users\isikm\AppData\Roaming\PreMiD\PreMiD.exe --hidden (file missing) (2023/04/01)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\isikm\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (2023/04/11)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2023/04/01)
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1d964a1db6ace4e - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler
O22 - Tasks: \ASUS\Framework Service - C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2863085062-2754702272-3108706290-1001 - C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2863085062-2754702272-3108706290-1004 - C:\Users\isikm\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1677589127 - C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\isikm\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Tasks: Opera GX scheduled Autoupdate 1677483686 - C:\Users\isikm\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: Opera scheduled Autoupdate 1680109492 - C:\Users\isikm\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
O22 - Tasks: TaskbarX DESKTOP-63ONJBOisikm - C:\Users\isikm\OneDrive\Masaüstü\Uygulamalar\TaskbarX_1.7.8.0_x64\TaskbarX.exe -tbs=2 -color=0;0;0;50 -tpop=100 -tsop=100 -as=cubiceaseinout -obas=cubiceaseinout -tbr=0 -asp=300 -ptbo=0 -stbo=0 -lr=400 -oblr=400 -sr=0 -sr2=0 -sr3=0 -ftotc=1 -rzbt=1

O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe
O4 - HKCU\..\Run: [LenovoVantage] = C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/01/06)
O4 - HKLM\..\StartupApproved\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe (2023/01/06)
O22 - Task: (damaged) C:\Windows\System32\Tasks\Lenovo\DockManager (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\BatteryGauge (empty)
O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\Windows\system32\ImController.InfInstaller.exe -checkremoval
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\Windows\system32\sc.exe START ImControllerService.
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\Windows\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\1ee97a04-4c9a-4cc9-b9d0-828b34bb705e - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 1ee97a04-4c9a-4cc9-b9d0-828b34bb705e
O22 - Task: \Lenovo\ImController\TimeBasedEvents\3759c7ac-5e32-4038-bb06-8e9163f12eba - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 3759c7ac-5e32-4038-bb06-8e9163f12eba
O22 - Task: \Lenovo\ImController\TimeBasedEvents\9d0d9567-9536-446a-92d4-94f737784153 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 9d0d9567-9536-446a-92d4-94f737784153
O22 - Task: \Lenovo\ImController\TimeBasedEvents\d8c6eb83-1cb6-495b-9ca2-feda42970dd1 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger d8c6eb83-1cb6-495b-9ca2-feda42970dd1
O22 - Task: \Lenovo\Lenovo MigrationAssistant start event task - C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe
O22 - Task: \Lenovo\Lenovo Service Bridge\S-1-5-21-2300878154-2912566524-3239477617-500 - C:\Users\Administrator\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
O22 - Task: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\Windows\system32\sc.exe start LenovoVantageService.
O22 - Task: \Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe BatteryGaugeAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Task: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport
O22 - Task: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Task: \TVT\TVSUUpdateTask - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask
O22 - Task: \TVT\TVSUUpdateTask_UserLogOn - C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask.
O22 - Task: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Task: AMDInstallLauncher - D:\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - D:\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: ModifyLinkUpdate - D:\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-1002688861-594337261-4110298506-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-2300878154-2912566524-3239477617-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: OneDrive Reporting Task-S-1-5-21-3163605768-2895624184-2914059402-500 - C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (file missing)
O22 - Task: StartCN - D:\CNext\CNext\cncmd.exe startwithdelay.
O22 - Task: StartCNBM - D:\AMD\CNext\CNext\cncmd.exe benchmark.
O22 - Task: StartDVR - D:\CNext\CNext\RSServCmd.exe

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.29

Platform:  x64 Windows 10 (Pro), 10.0.19045.2846 (ReleaseId: 2009, 22H2), Service Pack: 0
Time:      19.04.2023 - 23:41 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory:    3563 MiB Free (56 %). CPU Loading: (12 %)
Elevated:  Yes
Ran by:    Plasma    (group: Administrators) on DESKTOP-4KRLPS5, FirstRun: no

Chrome:  112.0.5615.137
Internet Explorer: 11.789.19041.0
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\GamePower\Icarus\OemDrv.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Internet Download Manager\IDMan.exe
   1  C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
   1  C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
   1  C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
  12  C:\Program Files\Google\Chrome\Application\chrome.exe
   2  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2313.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.19.10173.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_22301.1401.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_22301.1401.15.0_x64__8wekyb3d8bbwe\WinStore.DesktopExtension\StoreDesktopExtension.exe
   1  C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj\RtkUWP.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
   6  C:\Users\Plasma\AppData\Local\Discord\app-1.0.9012\Discord.exe
   1  C:\Users\Plasma\Downloads\Compressed\HiJackThis\HiJackThis.exe
   3  C:\Windows\explorer.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   2  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
   1  C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
   1  C:\Windows\System32\ASUSACCI\ArmouryCrateKeyControl.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\CompPkgSrv.exe
   2  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\AsusAppService\AsusAppService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSLinkNear\AsusLinkNear.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSLinkRemote\AsusLinkRemote.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSOptimization\AsusOptimization.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSOptimization\AsusOptimizationStartupTask.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSoftwareManager\AsusSoftwareManager.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSwitch\AsusSwitch.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSystemAnalysis\AsusSystemAnalysis.exe
   1  C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577475639d32bfed\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2ce3ffa204f4b311\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2ce3ffa204f4b311\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_a5ef29d5e04efca5\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\mqsvc.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   2  C:\Windows\System32\rundll32.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  72  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   3  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\Taskmgr.exe
   1  C:\Windows\System32\wbem\unsecapp.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Plasma\AppData\Local\Discord\Update.exe --processStart Discord.exe (2023/04/17)
O4 - HKCU\..\StartupApproved\Run: [electron.app.BlueStacks Services] = C:\Users\Plasma\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden (2023/04/17)
O4 - HKCU\..\StartupApproved\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (2023/04/17)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_52F84E807AB7005E6F1D9BDDC961323E] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2023/04/17)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Plasma\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2023/04/17)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/04/17)
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O7 - AutoLogon: HKLM\..\Winlogon: \Plasma (disabled)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: (default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O17 - DHCP DNS 1: 192.168.2.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (Not scheduled) update-S-1-5-21-1582595092-2077770016-323660818-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1582595092-2077770016-323660818-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: ASUS Optimization 36D18D69AFC3 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSOptimization\AsusHotkey.exe -CancelShutdown
O22 - Tasks: ASUS Update Checker 2.0 - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSoftwareManager\AsusUpdateChecker.exe
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr
O22 - Tasks: GHelperTR - C:\Users\Plasma\Downloads\GHelperTR\GHelperTR.exe (file missing)
O22 - Tasks: GoogleUpdateTaskMachineCore{CD98A5D6-69AC-4097-B70F-93CD2E72B1DB} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{30E108C1-487F-4E6D-9B5C-A4F7E07C2E0D} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: RtkAudUService64_BG - C:\Windows\System32\RtkAudUService64.exe -background
O22 - Tasks: update-S-1-5-21-1582595092-2077770016-323660818-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Tasks: update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: Armoury Crate Control Interface - (ArmouryCrateControlInterface) - C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
O23 - Service R2: ASUS App Service - (AsusAppService) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\AsusAppService\AsusAppService.exe
O23 - Service R2: ASUS Link Near - (ASUSLinkNear) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSLinkNear\AsusLinkNear.exe
O23 - Service R2: ASUS Link Remote - (ASUSLinkRemote) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSLinkRemote\AsusLinkRemote.exe
O23 - Service R2: ASUS Optimization - (ASUSOptimization) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSOptimization\AsusOptimization.exe
O23 - Service R2: ASUS Software Manager - (ASUSSoftwareManager) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSoftwareManager\AsusSoftwareManager.exe
O23 - Service R2: ASUS Switch - (ASUSSwitch) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSwitch\AsusSwitch.exe
O23 - Service R2: ASUS System Analysis - (ASUSSystemAnalysis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSystemAnalysis\AsusSystemAnalysis.exe
O23 - Service R2: ASUS System Diagnosis - (ASUSSystemDiagnosis) - C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_bf969a2fcea35523\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2ce3ffa204f4b311\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577475639d32bfed\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxCUIService.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_a5ef29d5e04efca5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvamig.inf_amd64_a5ef29d5e04efca5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2ce3ffa204f4b311\IntelCpHeciSvc.exe
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Intel(R) Audio Service - (IntelAudioService) - C:\Windows\system32\cAVS\IAS\IntelAudioService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\TPMProvisioningService.exe
O23 - Service S2: RefreshRateService - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\112.0.5615.137\elevation_service.exe
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\SocketHeciServer.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService


--
End of file - Time spent: 3,2 sec. - 40504 bytes, CRC32: FFFFFFFF. Sign: 胆冤

O1 - Hosts.ICS: 8
O4 - HKCU\..\Run: [GlassWire] = C:\Program Files (x86)\GlassWire\glasswire.exe -hide
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Suat\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] = C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Suat\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] = C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Suat\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 23.081.0416.0001] = C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Suat\AppData\Local\Microsoft\OneDrive\23.081.0416.0001"
O4 - HKCU\..\StartupApproved\Run: [electron.app.NVIDIA Omniverse Launcher] = C:\Users\Suat\AppData\Local\Programs\omniverse-launcher\NVIDIA Omniverse Launcher.exe "--hidden" (2023/04/09)
O4 - HKCU\..\StartupApproved\Run: [LogiBolt] = C:\Program Files\Logi\LogiBolt\LogiBolt.exe --startup (2022/11/29)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_42C14D83DAECF683BC5F7B60A5E97238] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/11/29)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Suat\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/12/04)
O4 - HKCU\..\StartupApproved\Run: [Opera GX Browser Assistant] = C:\Users\Suat\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (2023/02/12)
O4 - HKCU\..\StartupApproved\Run: [Opera VPN Pro UI] = C:\Program Files (x86)\Opera Norway AS\VPNPro\Opera.VPNPro.UI.exe (2022/11/29)
O4 - HKCU\..\StartupApproved\Run: [SandboxieControl] = C:\Program Files\Sandboxie\SbieCtrl.exe (2022/12/14)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Suat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Reallusion Hub.lnk    ->    C:\Program Files (x86)\Common Files\Reallusion\LiveUpdate\Reallusion Hub.exe /STARTUP (2022/04/04)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\StartupApproved\Run: [LogiBolt] = C:\Program Files\Logi\LogiBolt\LogiBolt.exe --startup (2022/11/29)
O4 - Startup: C:\Users\Suat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk    ->    C:\Users\Suat\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Desktop = C:\Users\Suat\Desktop
O10 - Broken Internet access because of LSP provider 'C:\WINDOWS\system32\vsocklib.dll' missing
O22 - Task: AIDA64 AutoStart - C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
O22 - Task: Cloud - C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe (file missing)
O22 - Task: EOSv3 Scheduler onLogOn - C:\Users\Suat\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON
O22 - Task: EOSv3 Scheduler onTime - C:\Users\Suat\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED
O22 - Task: G2MUpdateTask-S-1-5-21-2378374329-1097822078-735590408-1001 - C:\Users\Suat\AppData\Local\GoToMeeting\19950\g2mupdate.exe
O22 - Task: G2MUploadTask-S-1-5-21-2378374329-1097822078-735590408-1001 - C:\Users\Suat\AppData\Local\GoToMeeting\19950\g2mupload.exe
O22 - Task: RLHub_SkipUac_Suat - C:\Program Files (x86)\Common Files\Reallusion\LiveUpdate\Reallusion Hub.exe /elevated (file missing)
O22 - Task: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE
O22 - Task: Tweaking.com - Windows Repair Tray Icon - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
O23 - Service R2: cFosSpeed System Service - (cFosSpeedS) - C:\Program Files\cFosSpeed\spd.exe -service

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.19045.2846 (ReleaseId: 2009), Service Pack: 0
Time:      14.05.2023 - 22:25 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Elevated:  Yes
Ran by:    Tahir    (group: Administrator) on DESKTOP-5QS2RJF, FirstRun: yes

Chrome:  113.0.5672.93
Internet Explorer: 11.0.19041.1566
Default: "C:\Users\Tahir\AppData\Local\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
   2  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\avp.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\avpui.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.9\ksde.exe
   1  C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.9\ksdeui.exe
   1  C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
   1  C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
   1  C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
   1  C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
   1  C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
   1  C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
   1  C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
   1  C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
   1  C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
   1  C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
   1  C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
   1  C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
   3  C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
   3  C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
   1  C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
   1  C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
   1  C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23032.186.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
   1  C:\Users\Tahir\Desktop\HiJackThis.exe
   1  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
   1  C:\Windows\SysWOW64\MSIService.exe
   1  C:\Windows\SysWOW64\muachost.exe
   2  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_4f1add6660ad83a6\Display.NvContainer\NVDisplay.Container.exe
   2  C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe
   1  C:\Windows\System32\LsaIso.exe
   1  C:\Windows\System32\NahimicService.exe
   1  C:\Windows\System32\NhNotifSys.exe
   7  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   4  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  84  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WMIADAP.exe
   3  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2905_none_7dd39c4c7cb9dfa0\TiWorker.exe
   1  C:\Windows\explorer.exe
   1  C:\Windows\servicing\TrustedInstaller.exe

R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = https://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = https://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\113.0.1774.42\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\113.0.1774.42\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [Google Update] = C:\Users\Tahir\AppData\Local\Google\Update\1.3.36.212\GoogleUpdateCore.exe
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Tahir\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/06/17)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_5F8EC2612FBB964B0F51D30A44E223AD] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/06/16)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2022/02/03)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/10/01)
O4 - HKCU\..\StartupApproved\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (2021/11/14)
O4 - HKCU\..\StartupApproved\Run: [com.squirrel.Teams.Teams] = C:\Users\Tahir\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" (2023/02/26)
O4 - HKCU\..\StartupApproved\Run: [kpm.exe] = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe autoStart (2023/04/05)
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [BCSSync] = C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices (2021/11/14)
O4 - HKLM\..\StartupApproved\Run32: [RazerCortex] = C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun (2023/03/27)
O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (2021/10/28)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2023 Fast Start.lnk    ->    C:\WINDOWS\Installer\{F24FAABB-0C72-4F06-9B55-DB08C884730C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (2023/02/10)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk    ->    C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe /launch_from 0 (2023/02/10)
O4 - HKU\.DEFAULT\..\Run: [GlassWire] = C:\Program Files (x86)\GlassWire\glasswire.exe -hide (file missing)
O4 - HKU\.DEFAULT\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{16573a8d-32d5-4564-8925-2b3561bc2930}: [NameServer] = 198.51.100.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{16573a8d-32d5-4564-8925-2b3561bc2930}: [NameServer] = 198.51.100.2
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task (.job): (Not scheduled) SOLIDWORKS Electrical Archiver.job - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\bin\EwEnvironmentArchiver\ewenvironmentarchiver.exe runwithlastoption
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: GoogleUpdateTaskUserS-1-5-21-338223786-1828003068-1065378978-1001Core - C:\Users\Tahir\AppData\Local\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskUserS-1-5-21-338223786-1828003068-1065378978-1001UA - C:\Users\Tahir\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: MSI Task Host - Detect_Monitor - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_Monitor
O22 - Task: MSI Task Host - DisplayID - C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe Detect_DisplayID
O22 - Task: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
O22 - Task: MSISCMTsk - C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe
O22 - Task: MSISW_Host - C:\Windows\SysWOW64\muachost.exe
O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: OmApSvcBroker - C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
O22 - Task: OneDC_Updater - C:\Users\Tahir\Documents\temp\OneDC_Updater\OneDC_Updater.exe OneDragonCenter
O22 - Task: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
O22 - Task: RazerCortexScheduleClean - C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -schtask-1
O22 - Task: SOLIDWORKS Electrical Archiver - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\bin\EwEnvironmentArchiver\ewenvironmentarchiver.exe runwithlastoption
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\WINDOWS\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (Microsoft)
O23 - Service R2: CortexLauncherService - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
O23 - Service R2: FlexNet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service R2: FlexNet Licensing Service 64 - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
O23 - Service R2: Kaspersky Hizmeti 21.9 - (AVP21.9) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\avp.exe -r
O23 - Service R2: Kaspersky Password Manager 10.3 Service - (kpm_service_10.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe
O23 - Service R2: Kaspersky VPN Secure Connection Hizmeti 5.9 - (KSDE5.9) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.9\ksde.exe -r
O23 - Service R2: LightKeeperService - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
O23 - Service R2: MSI Central Service - (MSI_Central_Service) - C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
O23 - Service R2: MSI Foundation Service - C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
O23 - Service R2: MSI Voice Control Service - (MSI_VoiceControl_Service) - C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
O23 - Service R2: MSI_Companion_Service - C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
O23 - Service R2: Micro Star SCM - C:\WINDOWS\SysWOW64\MSIService.exe
O23 - Service R2: Mystic_Light_Service - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4f1add6660ad83a6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4f1add6660ad83a6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Nahimic service - (NahimicService) - C:\WINDOWS\system32\NahimicService.exe
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a4555e9b35287491\RtkAudUService64.exe
O23 - Service R2: Remote Solver for Flow Simulation 2020 - (RemoteSolverDispatcher) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe "SOFTWARE\SRAC\COSMOS_FloWorks 2023"
O23 - Service R2: SWVisualize2023.BoostService - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
O23 - Service R2: SWVisualize2023.Queue.Server - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
O23 - Service R3: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S2: KMService - C:\Windows\system32\srvany.exe  (file missing)
O23 - Service S3: DTSInterops - (CoordinatorServiceHost) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.9 - (klvssbridge64_21.9) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\x64\vssbridge64.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service S3: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service S3: Razer Chroma Stream Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
O23 - Service S3: Razer Game Manager Service 3 - C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
O23 - Service S3: SOLIDWORKS Electrical Collaborative Server - (ewserver) - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
O23 - Service S3: SolidWorks Flexnet Server - C:\SolidWorks_Flexnet_Server\lmgrd.exe
O23 - Service S3: SolidWorks Licensing Service - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: SteelSeries Update Service - (SteelSeriesUpdateService) - C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe


--
End of file - Time spent: 7.8 sec. - 51242 bytes, CRC32: FFFFFFFF. Sign: Ἇ�