Hyper Scape BattlEye "PROCMON24.sys" hatası

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.18362.959 (ReleaseId: 1903), Service Pack: 0
Time:      22.08.2020 - 21:33 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    alibe    (group: Administrator) on DESKTOP-IVGBPOB, FirstRun: no

Chrome:  84.0.4147.135
Edge:    11.0.18362.959
Internet Explorer: 11.959.18362.0
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\Program Files\AMD\CNext\CNext\amdow.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
   1  C:\Users\alibe\AppData\Local\Temp\Rar$EXa2704.49005\HiJackThis.exe
   1  C:\Users\alibe\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   4  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  61  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
   4  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Hyper Scape\HyperScape_BE.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 193.140.151.155:13128 (disabled)
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/07/21)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\alibe\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/07/21)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [USB Gamepad] = C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot (2020/07/21)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/08/05)
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: BlueStacksHelper - D:\Program Files\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService


--
End of file - Time spent: 7,2 sec. - 16150 bytes, CRC32: FFFFFFFF. Sign: ݳ

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 193.140.151.155:13128 (disabled)
4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/07/21)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\alibe\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/07/21)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [USB Gamepad] = C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot (2020/07/21)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/08/05)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: BlueStacksHelper - D:\Program Files\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.18362.959 (ReleaseId: 1903), Service Pack: 0
Time:      23.08.2020 - 16:27 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    alibe    (group: Administrator) on DESKTOP-IVGBPOB, FirstRun: no

Chrome:  84.0.4147.135
Edge:    11.0.18362.959
Internet Explorer: 11.959.18362.0
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
   1  C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   2  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MpCmdRun.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
   1  C:\Users\alibe\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\HelpPane.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  62  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   2  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
   4  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Hyper Scape\HyperScape_BE.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Hyper Scape\Hyperscape.exe
   1  D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 193.140.151.155:13128 (disabled)
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2020/07/21)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\alibe\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/07/21)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background
O4 - HKLM\..\StartupApproved\Run32: [USB Gamepad] = C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot (2020/07/21)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2020/07/22)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/08/05)
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin
O22 - Task: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: BlueStacksHelper - D:\Program Files\BlueStacks\Client\Helper\BlueStacksHelper.exe -sr
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O23 - Service R3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 7,4 sec. - 17266 bytes, CRC32: FFFFFFFF. Sign: 獨猊

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.18362.959 (ReleaseId: 1903), Service Pack: 0
Time:      23.08.2020 - 17:06 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    alibe    (group: Administrator) on DESKTOP-IVGBPOB, FirstRun: no

Chrome:  84.0.4147.135
Edge:    11.0.18362.959
Internet Explorer: 11.959.18362.0
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  15  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
   1  C:\Users\alibe\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  59  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 8,5 sec. - 10314 bytes, CRC32: FFFFFFFF. Sign: 릹릹

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Pro), 10.0.18362.959 (ReleaseId: 1903), Service Pack: 0
Time:      23.08.2020 - 17:06 (UTC+03:00)
Language:  OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: English (0x409)
Elevated:  Yes
Ran by:    alibe    (group: Administrator) on DESKTOP-IVGBPOB, FirstRun: no

Chrome:  84.0.4147.135
Edge:    11.0.18362.959
Internet Explorer: 11.959.18362.0
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
  15  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
   1  C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
   1  C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
   1  C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
   1  C:\Users\alibe\Desktop\HiJackThis\HiJackThis.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\RtkAudUService64.exe
   5  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SecurityHealthHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\audiodg.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  59  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
O17 - HKLM\System\CCS\Services\Tcpip\..\{606b0941-ee6a-4820-9401-cad32fdb30be}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\alibe\AppData\Local\MEGAsync\ShellExtX32.dll
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 8,5 sec. - 10314 bytes, CRC32: FFFFFFFF. Sign: 릹릹