Logfile of HiJackThis+ (Plus) build 2024-03-24 Alpha v.3.4.0.8
Platform: x64 Windows 11 (Pro), 10.0.22631.3374 (ReleaseId: 2009, 23H2), Service Pack: 0
Time: 07.04.2024 - 19:24 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 27603 MiB Free. Loading RAM (17 %), CPU (1 %)
Elevated: Yes
Ran by: ernes (group: Administrators; type: Microsoft) on YAVINASPC1, FirstRun: yes
Chrome: 123.0.6312.106
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal (Secure Boot: On) (Code Integrity: On)
Running processes:
Number | Path
1 C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe
1 C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
1 C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
1 C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
1 C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\Speed Up\StorageMonitor.exe
1 C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
1 C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
1 C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
1 C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
1 C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
1 C:\Users\ernes\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
4 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
83 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
2 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 vmmemCmZygote
O1 - Hosts.ICS: 172.29.160.1 yavinaspc1.mshome.net # 2029 4 5 6 16 20 15 936
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\StartupApproved\Run: [electron.app.BlueStacks Services] = C:\Users\ernes\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe --hidden (2023/10/15) (not signed - now.gg, Inc. - EE51CEB40195984D9227D40A3EA45AAB96E64910)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2022/04/07) (sign: 'Epic Games Inc.')
O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2022/10/26) (sign: 'GOG sp. z o.o')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_8282BAA6D0285A9F061B646F3EC026B0] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2022/04/06) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2022/04/07) (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [ut] = C:\Users\ernes\AppData\Roaming\utorrent\uTorrent.exe /MINIMIZED (2023/07/31) (sign: 'BitTorrent Inc')
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ernes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk -> C:\Program Files\EqualizerAPO\config\Peace.exe (2023/06/11) (sign: 'Petrus Verbeek')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O5 - Applet: C:\WINDOWS\SysWOW64\PhysX.cpl (sign: 'NVIDIA Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{AEE18BB8-5FC1-4E99-9348-3D2EEB5EF6C5} - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O22 - Tasks: \HardDiskSentinel\Hard Disk Sentinel_ernes - C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (not signed - H.D.S. Hungary - FEE46DACDD5B79F9245148064F72572A5D0E4887)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks: Cloud - C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe (file missing)
O22 - Tasks: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (sign: 'Kaspersky Lab JSC')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: MSI Task Host - LEDKeeper2_Host - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: BlueStacksHelper_nxt - C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe -sr (sign: 'Now.gg, INC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{6CEB26F2-88E0-4365-8487-67674A4A8B78} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{98A4CD2E-C1E7-48F7-8426-38400E4DE0EB} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks_Migrated: MicrosoftEdgeShadowStackRollbackTask - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\Installer\setup.exe --handle-crash="$(ProcessPath)" (file missing)
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-3668908226-1467175477-1431687317-1001 - C:\Users\ernes\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_19.87.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Kaspersky Anti-Virus Hizmeti 21.3 - (AVP21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe -r (sign: 'Kaspersky Lab JSC')
O23 - Service R2: LightKeeperService - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Center Service - (MSI_Center_Service) - C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI Voice Control Service - (MSI_VoiceControl_Service) - C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Case_Service - C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Companion_Service - C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: MSI_Super_Charger_Service - C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Mystic_Light_Service - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service S2: Google Güncelleme Hizmeti (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater InternalService 125.0.6386.0 (GoogleUpdaterInternalService125.0.6386.0) - (GoogleUpdaterInternalService125.0.6386.0) - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O23 - Service S2: GoogleUpdater Service 125.0.6386.0 (GoogleUpdaterService125.0.6386.0) - (GoogleUpdaterService125.0.6386.0) - C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (sign: 'Google LLC')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: 'Epic Games Inc.')
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe (sign: 'GOG sp. z o.o')
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (sign: 'GOG sp. z o.o')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Google Güncelleme Hizmeti (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge 21.3 - (klvssbridge64_21.3) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe (sign: 'Kaspersky Lab JSC')
O23 - Service S3: ProtonVPN Service - C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe (sign: 'Proton AG')
O23 - Service S3: ProtonVPN WireGuard - C:\Program Files\Proton\VPN\v3.2.4\ProtonVPN.WireGuardService.exe "C:\ProgramData\ProtonVPN\WireGuard\ProtonVPN.conf" (file missing)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AO Kaspersky Lab Cryptographic Module x64 (56 bit) - (cm_km) - C:\WINDOWS\system32\DRIVERS\cm_km.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_arkmon - C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R0: klupd_klif_klbg - C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: CTIIO - C:\WINDOWS\system32\drivers\CtiIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R1: Kaspersky Anti-Virus NDIS 6 Filter - (klim6) - C:\WINDOWS\system32\DRIVERS\klim6.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Driver - (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab format recognizer driver - (klpd) - C:\WINDOWS\system32\DRIVERS\klpd.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Kernel DLL - (klflt) - C:\WINDOWS\system32\DRIVERS\klflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupdisk - (klbackupdisk) - C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klbackupflt - (klbackupflt) - C:\WINDOWS\system32\DRIVERS\klbackupflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab klpnpflt - (klpnpflt) - C:\WINDOWS\system32\DRIVERS\klpnpflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab Security Extender Driver - (klgse) - C:\WINDOWS\system32\DRIVERS\klgse.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: Kaspersky Lab service driver - (klhk) - C:\WINDOWS\system32\DRIVERS\klhk.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kldisk - C:\WINDOWS\system32\DRIVERS\kldisk.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: klwfp - C:\WINDOWS\system32\DRIVERS\klwfp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: KLwtp - WFP callout traffic inspector - (klwtp) - C:\WINDOWS\system32\DRIVERS\klwtp.sys (+safe mode) (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: kneps - C:\WINDOWS\system32\DRIVERS\kneps.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R1: MSIO - C:\Windows\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R2: AMDRyzenMasterDriverV20 - C:\Program Files\AMD\RyzenMasterSDK\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV22 - C:\WINDOWS\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: BlueStacks Hypervisor_nxt - (BlueStacksDrv_nxt) - C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys (sign: 'Microsoft' - Bluestack System Inc.)
O23 - Driver R3: ___ Windows 10 64 Bit için Intel(R) Wireless Bağdaştırıcı Sürücüsü - (Netwtw12) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_4d2bf8e0a2f591ce\Netwtw12.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\drivers\amdfendr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\drivers\amdfendrmgr.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices INC.')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: amduw23g - C:\WINDOWS\System32\DriverStore\FileRepository\u0401413.inf_amd64_997830838cb299a9\B401180\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_adbe1aba87fc1ba2\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Kaspersky Lab KLKBDFLT - (klkbdflt) - C:\WINDOWS\system32\DRIVERS\klkbdflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: Kaspersky Lab KLMOUFLT - (klmouflt) - C:\WINDOWS\system32\DRIVERS\klmouflt.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klids - C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_klark - C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: klupd_klif_mark - C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys (sign: 'Microsoft' - AO Kaspersky Lab)
O23 - Driver R3: NTIOLib_CC_Clock - C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_COMM - C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_CC_CPU - C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: NTIOLib_MysticLight - C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Realtek NetAdapter Driver - (rt25cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_9b52b3441bf62028\rt25cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: TAP-ProtonVPN Windows Adapter V9 - (tapprotonvpn) - C:\WINDOWS\System32\drivers\tapprotonvpn.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S3: ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit - (Netwtw10) - C:\WINDOWS\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_ed6cba5ffa9fc767\Netwtw10.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: amdwddmg - C:\WINDOWS\System32\DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\amdkmdag.sys (file missing)
O23 - Driver S3: EasyAntiCheat_EOSSys - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.sys (sign: 'EasyAntiCheat Oy')
O23 - Driver S3: gdrv3 - C:\WINDOWS\system32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver S3: HWiNFO Kernel Driver (v153) - (HWiNFO_153) - C:\Users\ernes\AppData\Local\Temp\HWiNFO64A_153.SYS (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: ProtonVPNCallout - C:\Program Files\Proton\VPN\v3.2.10\Resources\ProtonVPN.CalloutDriver.sys (+safe mode) (sign: 'Microsoft' - Proton Technologies AG)
O23 - Driver S3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: WinRing0_1_2_0 - C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MODAPI.sys (sign: 'Noriyuki MIYAZAKI')
O23 - Driver S3: Wintun - (wintun) - C:\WINDOWS\System32\drivers\wintun.sys (+safe mode) (sign: 'Microsoft' - WireGuard LLC)
O23 - Driver S3: WireGuard - C:\WINDOWS\System32\drivers\wireguard.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klim6'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'klwtp'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw10'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw12'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'ProtonVPN Service'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'ProtonVPNCallout'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'tapprotonvpn'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'wintun'
--
End of file - Time spent: 26,8 sec. - 65618 bytes, CRC32: FFFFFFFF. Sign: 褖镘