Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17 Platform: x64 Windows 11 (Pro), 10.0.26100.6584 (ReleaseId: 2009, 24H2), Service Pack: 0 Time: 21.09.2025 - 15:32 (UTC+03:00) Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F) Memory: 1,22 GiB Free / 16. Loading RAM (92 %), CPU (23 %) Disk C: 60,67 GiB Free / 465 (SSD, GPT) Elevated: Yes Ran by: PC (group: Administrators; type: Local) on RIZA1903, FirstRun: yes Chrome: 140.0.7339.186 Internet Explorer: 11.0.26100.1882 Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome) Boot mode: Normal (Secure Boot: On) (Code Integrity: On) Running processes: Number | Path 1 C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe 1 C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe 1 C:\Program Files (x86)\Internet Download Manager\IDMan.exe 1 C:\Program Files (x86)\KIOXIA Corporation\SSD Utility\SSDUtility.exe 12 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\140.0.3485.81\msedgewebview2.exe 7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe 1 C:\Program Files (x86)\Steam\steam.exe 1 C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe 1 C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe 1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe 16 C:\Program Files\Google\Chrome\Application\chrome.exe 1 C:\Program Files\Google\Drive File Stream\114.0.1.0\crashpad_handler.exe 2 C:\Program Files\Google\Drive File Stream\114.0.1.0\GoogleDriveFS.exe 1 C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe 1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe 1 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe 1 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe 1 C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe 5 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 5 C:\Program Files\NVIDIA 
Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe 1 C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe 1 C:\Program Files\Rainmeter\Rainmeter.exe 1 C:\Program Files\Riot Vanguard\vgtray.exe 1 C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe 1 C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2025.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe 1 C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.8622.0_x64__0dbdf1n3n58kt\ModernFlyouts.exe 1 C:\Program Files\WindowsApps\62269AlexShats.OneGameLauncher_1.9.10.0_x64__gghb1w55myjr2\OneGameLauncher.exe 1 C:\Program Files\WindowsApps\62269AlexShats.OneGameLauncher_1.9.10.0_x64__gghb1w55myjr2\Service\OneGameLauncherService.exe 1 C:\Program Files\WindowsApps\Microsoft.Copilot_1.25092.166.0_x64__8wekyb3d8bbwe\Copilot.exe 1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2509.1001.8.0_x64__8wekyb3d8bbwe\XboxPcApp.exe 1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2509.1001.8.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe 1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2509.1001.8.0_x64__8wekyb3d8bbwe\XboxPcTray.exe 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_30.104.29001.0_x64__8wekyb3d8bbwe\gamingservices.exe 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_30.104.29001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe 1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.14.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.24401.50.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe 1 C:\Riot Games\VALORANT\Riot Client\RiotClientCrashHandler.exe 1 C:\Riot Games\VALORANT\Riot Client\RiotClientServices.exe 1 C:\Users\PC\AppData\Local\PowerToys\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe 1 C:\Users\PC\AppData\Local\PowerToys\PowerToys.AlwaysOnTop.exe 1 C:\Users\PC\AppData\Local\PowerToys\PowerToys.Awake.exe 1 C:\Users\PC\AppData\Local\PowerToys\PowerToys.exe 1 
C:\Users\PC\AppData\Local\PowerToys\PowerToys.FancyZones.exe 1 C:\Users\PC\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe 1 C:\Users\PC\AppData\Local\PowerToys\PowerToys.PowerOCR.exe 1 C:\Users\PC\AppData\Local\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe 1 C:\Users\PC\Desktop\HiJackThis\HiJackThis.exe 1 C:\Users\Public\AppData\Roaming\Flixmate\flixmate.service.exe 1 C:\Users\Public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe 2 C:\Windows\explorer.exe 1 C:\Windows\System32\ApplicationFrameHost.exe 1 C:\Windows\System32\audiodg.exe 3 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6cdc9372d41a2731\Display.NvContainer\NVDisplay.Container.exe 2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe 1 C:\Windows\System32\dwm.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\GigabyteUpdateService.exe 1 C:\Windows\System32\LsaIso.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\NgcIso.exe 1 C:\Windows\System32\rundll32.exe 7 C:\Windows\System32\RuntimeBroker.exe 5 C:\Windows\System32\SearchFilterHost.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\SearchProtocolHost.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\ShellHost.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smartscreen.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 89 C:\Windows\System32\svchost.exe 2 C:\Windows\System32\taskhostw.exe 1 C:\Windows\System32\vmcompute.exe 1 C:\Windows\System32\wbem\WMIADAP.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe 1 
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 6346 C:\Windows\SysWOW64\rundll32.exe 1 C:\Windows\SysWOW64\wallpaperservice32.exe 1 C:\Windows\UUS\amd64\MoUsoCoreWorker.exe 1 E:\Program Files (x86)\Driver Booster\12.6.0\Scheduler.exe 1 E:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 1 E:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe 1 E:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 1 E:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 1 E:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe 1 vmmemCmZygote R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [SuggestionsURL_JSON] = hxxps://suggest.yandex.com.tr/suggest-ff.cgi?srv=ie11&uil=tr&part={searchTerms}&clid=2233630 - Yandex R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8}: [URL] = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 - Yandex O1 - Hosts: 127.0.0.1 keystone.mwbsys.com O1 - Hosts: 127.0.0.1 holocron.mwbsys.com O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (sign: 'Tonec Inc.') O2-32 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (sign: 'Tonec Inc.') O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\140.0.7339.186\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC') O4 - HKCU\..\Run: 
[GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\114.0.1.0\GoogleDriveFS.exe --startup_mode (sign: 'Google LLC') O4 - HKCU\..\Run: [IDMan] = C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot (not signed - Tonec Inc. - 6807BE1F04175B6C54BB6822829041FEC5CDA9EB) O4 - HKCU\..\Run: [RiotClient] = C:\Riot Games\VALORANT\Riot Client\RiotClientServices.exe --launch-background-mode (sign: 'Riot Games, Inc.') O4 - HKCU\..\Run: [schd.dll] = C:\WINDOWS\system32\rundll32.exe C:\Users\PC\AppData\Roaming\10000140110\schd.dll, schd (sign: 'Microsoft') O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (sign: 'Valve Corp.') O4 - HKCU\..\Run: [Visual Subst] = C:\Program Files\Visual Subst\VSubst.exe /startup (sign: 'NTWIND LLC') O4 - HKCU\..\StartupApproved\Run: [btweb] = "C:\Users\PC\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (file missing) (2024/11/22) O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\PC\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/05/06) (invalid sign - Discord Inc. - BEB3E02DFE8947ABB7F45AE8F7C214F3D8FEA84F) O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2024/09/01) (sign: 'Electronic Arts, Inc.') O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent -launchcontext=boot (2024/09/10) (sign: 'Epic Games Inc.') O4 - HKCU\..\StartupApproved\Run: [GogGalaxy] = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (2023/01/12) (sign: 'GOG sp. 
z o.o') O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/01/12) (sign: 'Microsoft') O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2022/04/24) (sign: 'Microsoft') O4 - HKCU\..\StartupApproved\Run: [Opera GX Stable] = E:\Opera GX\opera.exe (2022/09/24) (sign: 'Opera Norway AS') O4 - HKCU\..\StartupApproved\Run: [Zona] = E:\Zona\Zona.exe /MINIMIZED (2024/11/18) (sign: 'OOO "INSTREM"') O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (sign: 'Riot Games, Inc.') O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.') O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (sign: 'Microsoft') O4 - HKLM\..\StartupApproved\Run: [SteelSeriesGG] = "C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe" -dataPath="C:\ProgramData\SteelSeries\GG" -dbEnv=production -auto=true (file missing) (2025/03/07) O4 - HKLM\..\StartupApproved\Run: [XboxStat] = C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun (2025/03/07) (sign: 'Microsoft') O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\114.0.1.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem') (sign: 'Google LLC') O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\114.0.1.0\GoogleDriveFS.exe --startup_mode (User 'Local service') (sign: 'Google LLC') O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft') O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft') O4 - 
HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\114.0.1.0\GoogleDriveFS.exe --startup_mode (User 'Network service') (sign: 'Google LLC') O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft') O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft') O4 - MountPoints2: HKCU\..\{35574ee6-5c26-11ef-bad0-18c04dac20e2}\shell\AutoRun\command: (default) = I:\Autorun.exe (file missing) O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (invalid sign: CERT_E_CHAINING - Rainmeter - 142E3EBC3478DC564D22E3B9F7408716175FFE39) O4-32 - HKLM\..\RunOnce: [PreRun] = C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.') O5 - Applet: C:\WINDOWS\System32\AxSWindCx64.cpl (sign: 'Alcohol Soft') O5 - Applet: C:\WINDOWS\System32\RTSnMg64.cpl (sign: 'Realtek Semiconductor Corp.') O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [EnableLUA] = 0 O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0 O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1 O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1 O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4 O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DisableRealtimeMonitoring] = 1 O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiVirus] = 1 O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\IDM ile indir: 
(default) = C:\Program Files (x86)\Internet Download Manager\IEExt.htm (not signed - no company - 1A49C5F7A98580F8002AC1D6115AB39CB753975B) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (file missing) O17 - DHCP DNS 1: 45.90.30.230 O17 - DHCP DNS 2: 45.90.28.230 O17 - DHCP DNS 3: 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{dbc98ecd-884b-41a8-9495-1bced15498c2}: [NameServer] = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{dbc98ecd-884b-41a8-9495-1bced15498c2}: [NameServer] = 45.90.28.230 O17 - HKLM\System\CCS\Services\Tcpip\..\{dbc98ecd-884b-41a8-9495-1bced15498c2}: [NameServer] = 45.90.30.230 O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B4B376E8-4F43-4E6B-854C-0C1933F29EDF}: [NameServer] = 192.168.1.1 O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B4B376E8-4F43-4E6B-854C-0C1933F29EDF}: [NameServer] = 94.140.14.14 (Well-known DNS: Adguard DNS) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{B4B376E8-4F43-4E6B-854C-0C1933F29EDF}: [NameServer] = 94.140.15.15 (Well-known DNS: Adguard DNS) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF6F5B49-B8C3-48C1-8551-9D401BC53857}: [NameServer] = 192.168.1.1 O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF6F5B49-B8C3-48C1-8551-9D401BC53857}: [NameServer] = 8.8.4.4 (Well-known DNS: Google) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{BF6F5B49-B8C3-48C1-8551-9D401BC53857}: [NameServer] = 8.8.8.8 (Well-known DNS: Google) O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{DBC98ECD-884B-41A8-9495-1BCED15498C2}: [NameServer] = 192.168.1.1 O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{DBC98ECD-884B-41A8-9495-1BCED15498C2}: [NameServer] = 45.90.28.230 O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{DBC98ECD-884B-41A8-9495-1BCED15498C2}: [NameServer] = 45.90.30.230 O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = 
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file) O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file) O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file) O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (sign: 'Tonec Inc.') O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\114.0.1.0\drivefsext.dll (sign: 'Google LLC') O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\114.0.1.0\x86\drivefsext.dll (sign: 'Google LLC') O22 - BITS Job: (download) {41026BED-CF83-4811-9D61-B7D46D782677} - Microsoft Office Click-to-Run - (no URL) O22 - BITS Job: (download) {41026BED-CF83-4811-9D61-B7D46D782677} - Microsoft Office Click-to-Run - (no URL) O22 - BITS Job: (download) {7BA4E840-3D71-46B8-B807-7AC44DC23CC5} - hxxp://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mfnf4w4aaa2rporuqgtjqv35v4_4.10.2891.0/oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3 -> C:\WINDOWS\SystemTemp\chrome_BITS_28996_1723225649\oimompecagnajdejgnnjijobebaeigek_4.10.2891.0_win64_acwxtxt2znguar3w2o252umtomsq.crx3 O22 - BITS Job: (download) {82CFE343-663D-4A7A-8BB8-820AA24288BC} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/gcmjkmgdlgnkkcocmoeiminaijmmjnii/de96189181cd99da62096c3a2fa7496622a777f3d5161dea9b472598621a9bfa -> C:\WINDOWS\SystemTemp\chrome_BITS_27304_777674233\de96189181cd99da62096c3a2fa7496622a777f3d5161dea9b472598621a9bfa O22 - BITS Job: (download) {A25FBDCC-1DA0-48BD-B4B5-01973F0CB878} - hxxp://edgedl.me.gvt1.com/edgedl/diffgen-puffin/obedbbhbpmojnkanicioggnmelmoomoc/7ea8c389f285d819b2a9ecc8e8793e81634b53ef23455666d45a405e3ea2bc27 -> C:\WINDOWS\SystemTemp\chrome_BITS_17488_1899935621\7ea8c389f285d819b2a9ecc8e8793e81634b53ef23455666d45a405e3ea2bc27 O22 - 
BITS Job: (download) {EF4516DA-683E-41F3-916B-74C60BC29D93} - hxxp://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acnb6gjb2h75j5ihqpp6xvbhm6sq_540/lmelglejhemejginpboagddgdfbepgmp_540_all_ZZ_adxnd4n2kijwi3fxrb3hjdfgng4q.crx3 -> C:\WINDOWS\SystemTemp\chrome_BITS_25908_1568230344\lmelglejhemejginpboagddgdfbepgmp_540_all_ZZ_adxnd4n2kijwi3fxrb3hjdfgng4q.crx3 O22 - BITS Job: Fix all (including legit) O22 - Task: (damaged) C:\WINDOWS\System32\Tasks\FxSound (empty) O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty) O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla (empty) O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Service (empty) O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft') O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft') O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft') O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '') O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft') O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft') O22 - Tasks: (disabled) 
\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\AppxDeploymentClient.dll,ScheduleAppInstallerBackgroundUpdate (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Device Setup\Driver Recovery on Reboot - {452f6ddc-7930-4b57-8794-19cd7420241d} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - 
C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\Shell\UndockedFlightingUpdate - C:\WINDOWS\system32\UndockedFlightingUpdateTask.exe (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing) O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing) O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Microsoft\Windows\WindowsAI\Recall\InitialConfiguration - {709FD5EF-7296-4154-BD3A-E9830FCFA60A} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft') O22 - Tasks: (disabled) \Ubisoft\Ubisoft Connect Background Update - E:/Program Files/Ubisoft/Ubisoft Game Launcher/upc.exe -upc_scheduled_task update (sign: 'Microsoft') O22 - Tasks: (disabled) Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (sign: 'Adobe Inc.') O22 - Tasks: (disabled) Optimize Push Notification Data File-S-1-5-21-2782965943-3355666828-1049110221-1001 - 
{201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll (file missing) O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft') O22 - Tasks: (telemetry) \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (file missing) O22 - Tasks: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (sign: 'Apple Inc.') O22 - Tasks: \Diagnostic\Service - C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.exe "C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.dat" (file missing) O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem141.0.7376.0{D9195348-789D-4571-8F7C-245AB3EEFA6C} - C:\Program Files (x86)\Google\GoogleUpdater\141.0.7376.0\updater.exe --wake --system (sign: 'Google LLC') O22 - Tasks: \Microsoft\Office\Office Actions Server - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe availabilitycheck (sign: 'Microsoft') O22 - Tasks: \Microsoft\Office\Office Background Push Maintenance - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe /pushregistration (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide 
- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\AccountHealth\RecoverabilityToastTask - {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492},-flow showtoast -checkup recoverability - C:\WINDOWS\system32\AccountHealth.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (file missing) O22 - Tasks: \Microsoft\Windows\Containers\CmCleanup - {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} - C:\WINDOWS\System32\cmcleanup.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\GovernedFeatureUsageProcessing - {866F38A9-0302-4926-A36F-E4BAABAAE116} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Hotpatch\Monitoring - C:\WINDOWS\system32\cmd.exe /d /c C:\WINDOWS\system32\hpatchmonTask.cmd (sign: '') O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: 
\Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing) O22 - Tasks: \Microsoft\Windows\MemoryDiagnostic\AutomaticOfflineMemoryDiagnostic - {44f6c389-604a-4363-b09a-f38da08e6079} - C:\WINDOWS\System32\MemoryDiagnostic.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing) O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PCRPF\PCR Prediction Framework Firmware Update Task - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pcrpf.dll,NotifyFirmwareUpdateStaged (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9efeb182-2ee3-4af9-affa-521410d110d1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\PerformanceTrace\WhesvcToast - {c34546ad-2e37-41d9-8e23-277837b7a234} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Pluton\Pluton-Ksp-Provisioning - {997e11e1-0eff-40bd-9b25-8da694816600},PlutonKspProvision - C:\WINDOWS\system32\PlutonTasks.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft') O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - 
{5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration - {0BE6820D-B667-4CB6-931B-C153A77DA895} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Settings\InitialConfiguration - {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} - C:\WINDOWS\system32\SettingsConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \PowerToys\Autorun for PC - C:\Users\PC\AppData\Local\PowerToys\PowerToys.exe (sign: 'Microsoft')
O22 - Tasks: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin (sign: 'Adobe Inc.')
O22 - Tasks: AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: atkexComSvc - C:\ProgramData\atkex\CybBeac64.exe (file missing)
O22 - Tasks: ClpHtt - C:\ProgramData\ClpHtt\MatrixElect64.exe (file missing)
O22 - Tasks: DB Bigupgrade Task (One Time) - E:\Program Files (x86)\Driver Booster\Pub\dbupgrade.exe /upgrade /round=1 (sign: 'IObit CO., LTD')
O22 - Tasks: Driver Booster Scheduler - E:\Program Files (x86)\Driver Booster\12.6.0\Scheduler.exe /scheduler (sign: 'IObit CO., LTD')
O22 - Tasks: Driver Booster SkipUAC (PC) - E:\Program Files (x86)\Driver Booster\12.6.0\DriverBooster.exe /skipuac (sign: 'IObit CO., LTD')
O22 - Tasks: Driver Booster Update - E:\Program Files (x86)\Driver Booster\12.6.0\AutoUpdate.exe /auto (sign: 'IObit CO., LTD')
O22 - Tasks: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)
O22 - Tasks: Microsoft_Hardware_Launch_ipoint_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (sign: 'Microsoft')
O22 - Tasks: Microsoft_Hardware_Launch_itype_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (sign: 'Microsoft')
O22 - Tasks: Microsoft_Hardware_Launch_mousekeyboardcenter_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (sign: 'Microsoft')
O22 - Tasks: Microsoft_MKC_Logon_Task_ceip.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe (sign: 'Microsoft')
O22 - Tasks: Microsoft_MKC_Logon_Task_ipoint.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (sign: 'Microsoft')
O22 - Tasks: Microsoft_MKC_Logon_Task_itype.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (sign: 'Microsoft')
O22 - Tasks: MSIAfterburner - E:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O22 - Tasks: NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe (sign: 'NVIDIA Corporation')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2782965943-3355666828-1049110221-500 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Startup Task-S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\Program Files\Microsoft OneDrive\25.164.0824.0003\OneDriveLauncher.exe /startInstances (sign: 'Microsoft')
O22 - Tasks: OneDrive Startup Task-S-1-5-21-2782965943-3355666828-1049110221-500 - C:\Program Files\Microsoft OneDrive\25.164.0824.0003\OneDriveLauncher.exe /startInstances (sign: 'Microsoft')
O22 - Tasks: Opera GX scheduled assistant Autoupdate 1664479099 - C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (file missing)
O22 - Tasks: Opera GX scheduled Autoupdate 1664038697 - E:\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (sign: 'Opera Norway AS')
O22 - Tasks: SSDUtilityAutorun - C:\Program Files (x86)\KIOXIA Corporation\SSD Utility\SSDUtility.exe "-minimise" (sign: 'Kioxia Corporation')
O22 - Tasks: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: VisualSubstUAC - C:\Program Files\Visual Subst\VSubst.exe /UACTASK (sign: 'NTWIND LLC')
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) Optimize Push Notification Data File-S-1-5-21-2782965943-3355666828-1049110221-1001 - {201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (file missing)
O22 - Tasks_Migrated: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (sign: 'Apple Inc.')
O22 - Tasks_Migrated: \Diagnostic\Service - C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.exe "C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.dat" (file missing)
O22 - Tasks_Migrated: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{4278252B-6D7F-4D83-8A98-ABA2792F2528} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)
O22 - Tasks_Migrated: Google Play Games Notifier - C:\Program Files\Google\Play Games\Bootstrapper.exe /bg (file missing)
O22 - Tasks_Migrated: Microsoft_Hardware_Launch_ipoint_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: Microsoft_Hardware_Launch_itype_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: Microsoft_Hardware_Launch_mousekeyboardcenter_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: Microsoft_MKC_Logon_Task_ceip.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: Microsoft_MKC_Logon_Task_ipoint.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: Microsoft_MKC_Logon_Task_itype.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: MSIAfterburner - E:\MSI Afterburner\MSIAfterburner.exe /s (file missing)
O22 - Tasks_Migrated: NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA App.exe (sign: 'NVIDIA Corporation')
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-2782965943-3355666828-1049110221-500 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-2782965943-3355666828-1049110221-1001 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-2782965943-3355666828-1049110221-500 - C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: Opera GX scheduled assistant Autoupdate 1664479099 - C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera GX\assistant" $(Arg0) (file missing)
O22 - Tasks_Migrated: Opera GX scheduled Autoupdate 1664038697 - E:\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (sign: 'Opera Norway AS')
O23 - Service R2: AMD User Experience Program Data Uploader - (AUEPLauncher) - C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: Flixmate service - (FlixmateService) - C:\Users\public\AppData\Roaming\Flixmate\flixmate.service.exe (not signed - no company - 131051912DC1B9CB412071D085ECAC182E0C639C)
O23 - Service R2: Flixmate update service - (Flixmate.UpdateService) - C:\Users\public\AppData\Roaming\Flixmate\update\Flixmate.UpdateService.exe (sign: 'Zinlab Technologies')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_30.104.29001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_30.104.29001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: GIGABYTE Adjust - (MyService1) - C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (not signed - no company - 5ED286E95710B515F8D2C70D99309EE63459D2F8)
O23 - Service R2: GIGABYTE Update Service - (GigabyteUpdateService) - C:\WINDOWS\system32\GigabyteUpdateService.exe 1 (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Malwarebytes Inc.') (+safe mode)
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6cdc9372d41a2731\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6cdc9372d41a2731\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA App\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert (sign: 'NVIDIA Corporation')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: Wallpaper Engine Service - C:\WINDOWS\SysWOW64\wallpaperservice32.exe -p "E:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe" (sign: 'Skutta Software GmbH')
O23 - Service S2: Google Güncelleyici Dahili Hizmeti (GoogleUpdaterInternalService141.0.7376.0) - (GoogleUpdaterInternalService141.0.7376.0) - C:\Program Files (x86)\Google\GoogleUpdater\141.0.7376.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S2: Google Güncelleyici Hizmeti (GoogleUpdaterService141.0.7376.0) - (GoogleUpdaterService141.0.7376.0) - C:\Program Files (x86)\Google\GoogleUpdater\141.0.7376.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S2: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Chrome Uzaktan Masaüstü Hizmeti - (chromoting) - C:\Program Files (x86)\Google\Chrome Remote Desktop\141.0.7390.12\remoting_host.exe --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json" (sign: 'Google LLC')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Epic Games Updater - (EpicGamesUpdater) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe (sign: 'Epic Games Inc.')
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\25.164.0824.0003\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe (sign: 'GOG sp. z o.o')
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (sign: 'GOG sp. z o.o')
O23 - Service S3: GameGuard AntiCheat service - (ggsvc) - C:\Program Files (x86)\GameGuard\acsvc.exe (sign: 'INPLERON LTD')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\140.0.7339.186\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: MBVpnTunnelService - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe (sign: 'Malwarebytes Inc.')
O23 - Service S3: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service (sign: 'NVIDIA Corporation')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\25.164.0824.0003\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: SteelSeries GG Update Service Proxy - (SteelSeriesGGUpdateServiceProxy) - C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe (file missing)
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Service S3: Zakynthos Service - (zksvc) - C:\Program Files\Common Files\PUBG\zksvc.exe (sign: 'KRAFTON, Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices')
O23 - Driver R0: sptd2 - C:\WINDOWS\System32\Drivers\sptd2.sys (+safe mode) (sign: 'Disc Soft Ltd')
O23 - Driver R1: adgnetworkwfpdrv - C:\WINDOWS\system32\drivers\adgnetworkwfpdrv.sys (+safe mode) (sign: 'Microsoft' - Adguard Software Ltd)
O23 - Driver R1: Malwarebytes Anti-Exploit - (ESProtectionDriver) - C:\WINDOWS\system32\drivers\mbae64.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R1: MSIO - C:\WINDOWS\system32\drivers\MsIo64.sys (sign: 'Microsoft' - MICSYS Technology Co., LTd)
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV26 - C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R2: AMDRyzenMasterDriverV27 - C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices')
O23 - Driver R2: googledrivefs31931 - C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys (sign: 'Microsoft' - Google, Inc.)
O23 - Driver R2: IDMWFP - C:\WINDOWS\System32\drivers\idmwfp.sys (sign: 'Microsoft' - Tonec Inc.)
O23 - Driver R2: MBAMChameleon - (mbamchameleon) - C:\WINDOWS\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: gdrv3 - C:\WINDOWS\System32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver R3: MBAMFarflt - C:\WINDOWS\system32\DRIVERS\farflt11.sys (sign: 'Malwarebytes Inc.')
O23 - Driver R3: MBAMProtection - C:\WINDOWS\system32\DRIVERS\mbam.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMSwissArmy - C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMWebProtection - C:\WINDOWS\system32\DRIVERS\mwac.sys (sign: 'Malwarebytes Inc.')
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\WINDOWS\system32\drivers\nvvad64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6cdc9372d41a2731\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek NetAdapter Driver - (rt68cx21) - C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64sta.inf_amd64_dd02613ac8afa9e2\rt68cx21x64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: RTCore64 - E:\Program Files (x86)\MSI Afterburner\RTCore64.sys (sign: 'MICRO-STAR INTERNATIONAL CO., LTD.')
O23 - Driver R3: Scp Virtual Bus Driver - (ScpVBus) - C:\WINDOWS\System32\drivers\ScpVBus.sys (sign: 'Bruce James')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: SteelSeries Device Factory Service - (ssdevfactory) - C:\WINDOWS\System32\drivers\ssdevfactory.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries HID Service - (sshid) - C:\WINDOWS\System32\drivers\sshid.sys (sign: 'Microsoft' - SteelSeries ApS)
O23 - Driver R3: SteelSeries Sonar Driver - (SteelSeries_Sonar_VAD) - C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_4a7a0876e89a4ff8\SteelSeries-Sonar-VAD.sys (sign: 'GN Hearing A/S')
O23 - Driver R3: USB Redirector Client Virtual USB Bus Driver - (tusbdbuslt) - C:\WINDOWS\System32\drivers\tusbdbuslt.sys (sign: 'Microsoft' - SimplyCore LLC)
O23 - Driver S3: AC driver - (acdrv) - C:\WINDOWS\system32\drivers\acdrv.sys (sign: 'Microsoft' - no company)
O23 - Driver S3: ACE-BASE - C:\WINDOWS\system32\drivers\ACE-BASE.sys (sign: 'PUBG CORPORATION')
O23 - Driver S3: ACE-GAME - C:\WINDOWS\system32\drivers\ACE-GAME.sys (sign: 'PUBG CORPORATION')
O23 - Driver S3: Apple KMDF Filter Driver - (AppleKmdfFilter) - C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys (sign: 'Microsoft' - Apple Inc.)
O23 - Driver S3: Apple Lower Filter Driver - (AppleLowerFilter) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys (sign: 'Microsoft' - Apple Inc.)
O23 - Driver S3: cpuz154 - C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys (file missing)
O23 - Driver S3: FxSound Audio Enhancer - (FXVAD) - C:\WINDOWS\system32\drivers\fxvad.sys (sign: 'Microsoft' - Windows (R) Win 7 DDK provider)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: libusb-win32 - Kernel Driver, Version 1.2.6.0 - (libusb0) - C:\WINDOWS\system32\drivers\libusb0.sys (sign: 'Travis Lee Robinson')
O23 - Driver S3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: RevoProcessDetector - C:\WINDOWS\system32\DRIVERS\RevoProcessDetector.sys (sign: 'Microsoft' - VS Revo Group)
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: TAP-ProtonVPN Windows Adapter V9 - (tapprotonvpn) - C:\WINDOWS\System32\drivers\tapprotonvpn.sys (+safe mode) (sign: 'Microsoft' - The OpenVPN Project)
O23 - Driver S3: TeamViewer VPN Adapter - (teamviewervpn) - C:\WINDOWS\System32\drivers\teamviewervpn.sys (+safe mode) (sign: 'TeamViewer Germany GmbH')
O23 - Driver S3: UniFairy_x64 - C:\Windows\system32\drivers\UniFairy_x64.sys (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S3: unirsdt - C:\WINDOWS\system32\drivers\unirsdt.sys (+safe mode) (sign: 'Tencent Technology(Shenzhen) Company Limited')
O23 - Driver S3: VB-Audio Voicemeeter VAIO (WDM) - (VBVoicemeeterVAIOMME) - C:\WINDOWS\System32\DriverStore\FileRepository\vbvoicemeetervaio64_win10.inf_amd64_ce452124b45dd943\vbvoicemeetervaio64_win10.sys (sign: 'BUREL VINCENT Entrepreneur individuel')
O23 - Driver S3: xhunter1 - C:\WINDOWS\xhunter1.sys (sign: 'Wellbia.com Co., Ltd.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'tapprotonvpn'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'teamviewervpn'
O26 - Debugger: HKLM\..\LicenseManager.exe: [Debugger] = C:\WINDOWS\system32\systray.exe (sign: 'Microsoft')
O26 - Office Addin: HKLM\..\MicrosoftDataStreamerforExcel - (Microsoft Data Streamer for Excel) -> C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto (not signed - no company - A9DA61511D2073E5B80ED742394B35C61D96DE3A)
O26 - Office Addin: HKLM\..\NativeShim - (Inquire) -> (no file)
O26 - Office Addin: HKLM\..\OutlookChangeNotifier.Connect - (Outlook Change Notifier) -> C:\Program Files\Common Files\Apple\Mobile Device Support\OutlookChangeNotifierAddIn.dll (sign: 'Apple Inc.')

-- End of file - Time spent: 142,2 sec. - 112672 bytes, CRC32: FFFFFFFF. Sign: 貌恫