Hey everyone! A few days ago, I unfortunately ran an executable which had been labeled as a RAT virus by Windows Defender. Since the file was a gamehack tool, I mostly thought that it could be a false positive and ignored the warning. After a day or two, though, my Discord account was in a server which I hadn't joined beforehand and seemed to have sent a lot of spam messages. I immediately deleted the file, and did a lot of scans with both Defender and KIS. I also took it a bit further and just fresh installed my Windows. However, again, I saw this file called "ament.ini" in ProgramData files, which I looked up on the internet. I deleted the file after having read something along the lines of "pendrive virus". Anyway, long story short, I'm wondering whether the virus could have survived the formatting. My logs are as follows. Thank you kindly in advance
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021 Ran by emreu (administrator) on DESKTOP-B7OFBHC (09-04-2021 18:29:13) Running from C:\Users\emreu\Desktop Loaded Profiles: emreu Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Turkish (Turkey) -> English (United Kingdom) Default browser: Opera Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepositoryͥ275.inf_amd64_136741f59e43f995\B364966\atiesrxx.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1081648 2021-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\emreu\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [Opera Browser Assistant] => C:\Users\emreu\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3363480 2021-04-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-24] (Valve -> Valve Corporation) HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-09] (Epic Games Inc. -> Epic Games, Inc.) HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Deskjet 1510 series.lnk [2021-04-09] ShortcutAndArgument: Monitör Mürekkep Uyarıları - HP Deskjet 1510 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN38L17JQX05XJ;CONNECTION=USB;MONITOR=1; HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {13A398FD-FBD9-45E2-AA52-33C6F459406A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) Task: {1D58F96D-2783-4452-8BAC-D16EC597602C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {2B93ECEC-62AC-4120-A08B-3C16FA0622CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60496 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {4760050F-45E6-4E60-9FE8-B329F94C93E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation) Task: {5537EEFE-B609-40E9-9A48-7D33903E06A9} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2115632 2020-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {55894AF9-720A-42DF-B14F-6B561BC29749} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68176 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {5D2DB408-637B-4EEA-BDC1-E5C7E6C34709} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7BCF9914-8509-4B47-9B98-C4AEA78C8FBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation) Task: {82692151-5209-4A32-BC21-6C0FE97227CD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {84DC5B52-407F-4175-BBB7-C2AECF004146} - System32\Tasks\Opera scheduled Autoupdate 1617966362 => C:\Users\emreu\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) Task: {A20B2C25-4D42-47BC-81A1-56A2A4723695} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {BA42EFC2-1C5F-4702-A98E-16EB11BAF484} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2020-10-12] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {C8A1DE7F-82FE-4BE8-947E-B3420D646A70} - System32\Tasks\Opera scheduled assistant Autoupdate 1617966364 => C:\Users\emreu\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\emreu\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {DAFE2E7B-6C4D-4BD2-8E06-A670B42083D0} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1469800 2020-10-30] (ASUSTeK Computer Inc. -> ) Task: {DDEC5586-E2C4-4624-B061-70726923857C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {E4A60FEB-DACD-46FF-984F-E8FBC4C6BF0F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F1AB98AB-AA55-473A-9954-E1BC4C3AEE39} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f20439bd-7012-4c68-82ce-70d66f48e63c}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\emreu\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-09] Edge HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm Opera: ======= OPR Profile: C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable [2021-04-09] OPR StartupUrls: Opera Stable -> "hxxp://www.google.com.tr/" OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Translator) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-04-09] OPR Extension: (Rich Hints Agent) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-09] OPR Extension: (Multi Sözlük) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\ikokoacoaalbmjeilgpgmgmnffaooonf [2021-04-09] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe [442928 2021-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe [2073136 2021-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation) R2 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [222104 2021-04-09] (DTS, Inc. -> ) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [35136 2021-04-09] (ASUSTeK Computer Inc. -> ) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2020-10-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [245280 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R4 klkbdflt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys [88824 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) U0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [257208 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_klif_arkmon_818E8C6D; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\818E8C6D8588802E3E63CD8CEF03AF3B\klupd_klif_arkmon.sys [257208 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [310232 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) U0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116888 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) U3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [207352 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-09 18:29 - 2021-04-09 18:29 - 000017261 _____ C:\Users\emreu\Desktop\FRST.txt 2021-04-09 18:18 - 2021-04-09 18:19 - 000304078 _____ C:\TDSSKiller.3.1.0.28_09.04.2021_18.18.22_log.txt 2021-04-09 18:17 - 2021-04-09 18:17 - 005054744 _____ (AO Kaspersky Lab) C:\Users\emreu\Desktop\tdsskiller.exe 2021-04-09 18:01 - 2021-04-09 18:29 - 000000000 ____D C:\FRST 2021-04-09 18:01 - 2021-04-09 18:01 - 002298368 _____ (Farbar) C:\Users\emreu\Desktop\FRST64.exe 2021-04-09 17:59 - 2021-04-09 17:59 - 000852798 _____ C:\Users\emreu\Desktop\SecurityCheck.exe 2021-04-09 17:41 - 2021-04-09 17:41 - 000002368 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-04-09 17:41 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Teams 2021-04-09 17:41 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Local\SquirrelTemp 2021-04-09 17:21 - 2021-04-09 17:21 - 000310232 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys 2021-04-09 17:11 - 2021-04-09 17:11 - 000257208 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys 2021-04-09 17:11 - 2021-04-09 17:11 - 000207352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys 2021-04-09 17:11 - 2021-04-09 17:11 - 000116888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2021-04-09 17:11 - 2021-04-09 17:11 - 000003392 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2021-04-09 17:11 - 2021-04-09 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud 2021-04-09 17:11 - 2021-04-09 17:11 - 000000000 ____D C:\Program Files\Common Files\AV 2021-04-09 17:11 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2021-04-09 17:10 - 2021-04-09 17:12 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-04-09 17:10 - 2021-04-09 17:12 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2021-04-09 17:10 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2021-04-09 17:10 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2021-04-09 17:07 - 2021-04-09 17:07 - 002793872 _____ (Kaspersky) C:\Users\emreu\Downloads\ks4.021.3.10.391tr_25204.exe 2021-04-09 16:52 - 2021-04-09 16:52 - 000095744 _____ C:\Windows\system32\VirtualMonitorManager.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-04-09 16:51 - 2021-04-09 16:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-04-09 16:51 - 2021-04-09 16:51 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 002254336 _____ C:\Windows\system32\dwmscene.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 001822272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-04-09 16:51 - 2021-04-09 16:51 - 001394024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-04-09 16:51 - 2021-04-09 16:51 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-04-09 16:51 - 2021-04-09 16:51 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE 2021-04-09 16:51 - 2021-04-09 16:51 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2021-04-09 16:51 - 2021-04-09 16:51 - 000707016 _____ C:\Windows\system32\TextShaping.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000643072 _____ C:\Windows\system32\WindowManagementAPI.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2021-04-09 16:51 - 2021-04-09 16:51 - 000575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2021-04-09 16:51 - 2021-04-09 16:51 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2021-04-09 16:51 - 2021-04-09 16:51 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000455680 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-04-09 16:51 - 2021-04-09 16:51 - 000330752 _____ C:\Windows\SysWOW64\ssdm.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000306688 _____ C:\Windows\system32\HeatCore.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2021-04-09 16:51 - 2021-04-09 16:51 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000240640 _____ C:\Windows\SysWOW64\CoreMas.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000235520 _____ C:\Windows\SysWOW64\HeatCore.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2021-04-09 16:51 - 2021-04-09 16:51 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000190976 _____ C:\Windows\system32\BthpanContextHandler.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2021-04-09 16:51 - 2021-04-09 16:51 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe 2021-04-09 16:51 - 2021-04-09 16:51 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax 2021-04-09 16:51 - 2021-04-09 16:51 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-04-09 16:51 - 2021-04-09 16:51 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2021-04-09 16:51 - 2021-04-09 16:51 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2021-04-09 16:51 - 2021-04-09 16:51 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-04-09 16:51 - 2021-04-09 16:51 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-04-09 16:51 - 2021-04-09 16:51 - 000053760 _____ C:\Windows\SysWOW64\BWContextHandler.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2021-04-09 16:51 - 2021-04-09 16:51 - 000011359 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-04-09 16:51 - 2021-04-09 16:51 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe 2021-04-09 16:51 - 2021-04-09 16:51 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt 2021-04-09 16:50 - 2021-04-09 16:50 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-04-09 16:50 - 2021-04-09 16:50 - 000455168 _____ C:\Windows\system32\ssdm.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000287232 _____ C:\Windows\system32\CoreMas.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2021-04-09 16:50 - 2021-04-09 16:50 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-04-09 16:50 - 2021-04-09 16:50 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-04-09 16:50 - 2021-04-09 16:50 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe 2021-04-09 16:48 - 2021-04-09 16:48 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1321759622-1913416926-2370318738-1001 2021-04-09 16:48 - 2021-04-09 16:48 - 000002341 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-04-09 16:47 - 2021-04-09 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-04-09 16:46 - 2021-04-09 16:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-09 16:46 - 2021-04-09 16:46 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-04-09 16:45 - 2021-04-09 16:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-09 16:44 - 2021-04-09 16:45 - 000000000 ____D C:\Windows\system32\MRT 2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files\HP 2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files (x86)\HP 2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2021-04-09 16:40 - 2021-04-09 16:41 - 000000000 ____D C:\Users\emreu\AppData\Local\HP 2021-04-09 16:31 - 2021-04-09 16:32 - 098364712 _____ C:\Users\emreu\Downloads\DJ1510_188.exe 2021-04-09 16:30 - 2021-04-09 16:41 - 000000000 ____D C:\ProgramData\HP 2021-04-09 16:29 - 2021-04-09 16:29 - 000483012 _____ C:\Users\emreu\Documents\1-cokgenler.pdf 2021-04-09 15:46 - 2021-04-09 16:41 - 3620960256 _____ C:\Users\emreu\Downloads\O365ProPlusRetail.img 2021-04-09 15:46 - 2021-04-09 15:46 - 007310824 _____ (HeiDoc V.O.F.) C:\Users\emreu\Downloads\Windows-ISO-Downloader.exe 2021-04-09 15:44 - 2021-04-09 15:44 - 000681105 _____ C:\Users\emreu\Downloads\Red Dead Redemption 2 [FitGirl Repack].torrent 2021-04-09 15:43 - 2021-04-09 15:43 - 000443780 _____ C:\Users\emreu\Downloads\Grand Theft Auto V [FitGirl Repack].torrent 2021-04-09 15:39 - 2021-04-09 16:40 - 000000000 ____D C:\Users\emreu\AppData\Roaming\qBittorrent 2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\Users\emreu\AppData\Local\qBittorrent 2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\Program Files\qBittorrent 2021-04-09 15:38 - 2021-04-09 18:28 - 000000000 ____D C:\Users\emreu\AppData\Local\PlaceholderTileLogoFolder 2021-04-09 15:36 - 2021-04-09 15:36 - 026724770 _____ (The qBittorrent project) C:\Users\emreu\Downloads\qbittorrent_4.3.4.1_x64_setup.exe 2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\Steam 2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\NVIDIA Corporation 2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\CEF 2021-04-09 14:22 - 2021-04-09 18:29 - 000000000 ____D C:\Program Files (x86)\Steam 2021-04-09 14:22 - 2021-04-09 14:22 - 001770744 _____ C:\Users\emreu\Downloads\SteamSetup.exe 2021-04-09 14:22 - 2021-04-09 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2021-04-09 14:20 - 2021-04-09 14:29 - 000000000 ____D C:\ProgramData\Epic 2021-04-09 14:20 - 2021-04-09 14:20 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\UnrealEngineLauncher 2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\UnrealEngine 2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\EpicGamesLauncher 2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Program Files (x86)\Epic Games 2021-04-09 14:19 - 2021-04-09 16:46 - 000000000 ___HD C:\$WinREAgent 2021-04-09 14:19 - 2021-04-09 14:20 - 056827904 _____ C:\Users\emreu\Downloads\EpicInstaller-12.1.1.msi 2021-04-09 14:06 - 2021-04-09 14:06 - 000004460 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1617966364 2021-04-09 14:06 - 2021-04-09 14:06 - 000004204 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1617966362 2021-04-09 14:06 - 2021-04-09 14:06 - 000001403 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera tarayıcı.lnk 2021-04-09 14:06 - 2021-04-09 14:06 - 000000000 ____D C:\Users\emreu\AppData\Local\Opera Software 2021-04-09 14:05 - 2021-04-09 14:05 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Opera Software 2021-04-09 13:36 - 2021-04-09 13:36 - 000000000 ____D C:\Users\emreu\AppData\Local\OO Software 2021-04-09 13:28 - 2020-10-15 13:59 - 000034064 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys 2021-04-09 13:27 - 2021-04-09 13:27 - 000000000 ____D C:\Windows\system32\Tasks\ASUS 2021-04-09 13:27 - 2021-04-09 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2021-04-09 13:25 - 2021-04-09 13:25 - 000000000 ____D C:\Users\emreu\AppData\Roaming\AMD 2021-04-09 13:25 - 2021-04-09 13:25 - 000000000 ____D C:\Program Files (x86)\AMD 2021-04-09 13:23 - 2021-04-09 18:28 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher 2021-04-09 13:23 - 2021-04-09 18:28 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2021-04-09 13:23 - 2021-04-09 13:23 - 000003488 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate 2021-04-09 13:23 - 2021-04-09 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2021-04-09 13:22 - 2021-04-09 13:24 - 000000000 ____D C:\Users\emreu\AppData\Local\AMD 2021-04-09 13:22 - 2021-04-09 13:22 - 000003160 _____ C:\Windows\system32\Tasks\StartCN 2021-04-09 13:22 - 2021-04-09 13:22 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR 2021-04-09 13:22 - 2021-04-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2021-04-09 13:22 - 2021-03-23 21:20 - 000107048 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys 2021-04-09 13:22 - 2021-03-10 22:43 - 002241008 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe 2021-04-09 13:21 - 2021-04-09 13:21 - 000000000 ____D C:\ProgramData\AMD 2021-04-09 13:18 - 2021-04-09 13:18 - 000000000 ____D C:\ProgramData\Propagation 2021-04-09 12:58 - 2021-04-09 13:27 - 000000000 ____D C:\Program Files (x86)\ASUS 2021-04-09 12:58 - 2021-04-09 12:57 - 000120880 _____ C:\Windows\system32\AsIO2.dll 2021-04-09 12:58 - 2021-04-09 12:57 - 000095280 _____ C:\Windows\SysWOW64\AsIO2.dll 2021-04-09 12:57 - 2021-04-09 13:28 - 000000000 ____D C:\ProgramData\ASUS 2021-04-09 12:57 - 2021-04-09 12:57 - 000035136 _____ C:\Windows\system32\Drivers\AsIO2.sys 2021-04-09 12:49 - 2021-04-09 12:52 - 000000000 ____D C:\Users\emreu\AppData\LocalLow\AMD 2021-04-09 12:45 - 2021-04-09 12:41 - 040149888 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2021-04-09 12:45 - 2021-04-09 12:41 - 006792792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2021-04-09 12:45 - 2021-04-09 12:41 - 001145464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll 2021-04-09 12:45 - 2021-04-09 12:41 - 001081648 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe 2021-04-09 12:45 - 2021-04-09 12:41 - 000844896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll 2021-04-09 12:45 - 2021-04-09 12:41 - 000468776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2021-04-09 12:45 - 2021-04-09 12:41 - 000274720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll 2021-04-09 12:45 - 2021-04-09 12:41 - 000229664 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll 2021-04-09 12:45 - 2021-04-09 12:41 - 000224280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2021-04-09 12:43 - 2021-04-09 12:43 - 000000000 ____D C:\Users\emreu\AppData\Local\RadeonInstaller 2021-04-09 12:42 - 2021-04-09 13:01 - 000000000 ____D C:\ProgramData\UWP 2021-04-09 12:41 - 2021-04-09 12:46 - 000000000 ___HD C:\Program Files (x86)\Temp 2021-04-09 12:41 - 2021-04-09 12:41 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2021-04-09 12:41 - 2021-04-09 12:41 - 000000000 ____D C:\Windows\system32\DTS 2021-04-09 12:41 - 2021-04-09 12:41 - 000000000 ____D C:\ProgramData\DTSAudio 2021-04-09 12:40 - 2021-04-09 12:40 - 000000000 ____D C:\Users\emreu\AppData\Local\OneDrive 2021-04-09 12:27 - 2021-04-09 14:29 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-09 12:27 - 2021-04-09 13:25 - 000000000 ____D C:\AMD 2021-04-09 12:27 - 2021-04-09 13:18 - 000000000 ____D C:\Users\emreu\AppData\Local\cache 2021-04-09 12:27 - 2021-04-09 12:27 - 000000000 ____D C:\Users\emreu\AppData\Local\setup 2021-04-09 12:26 - 2021-04-09 13:27 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-04-09 12:26 - 2021-04-09 12:43 - 000000000 ____D C:\Program Files (x86)\Realtek 2021-04-09 12:26 - 2021-04-09 12:25 - 001146456 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys 2021-04-09 12:25 - 2021-04-09 12:25 - 000000000 ____D C:\Users\emreu\AppData\Local\Comms 2021-04-09 12:23 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Local\D3DSCache 2021-04-09 12:18 - 2021-04-09 13:22 - 000000000 ____D C:\Program Files\AMD 2021-04-09 12:18 - 2021-04-09 12:46 - 000000000 ____D C:\Windows\system32\AMD 2021-04-09 12:11 - 2021-04-09 17:11 - 001592894 _____ C:\Windows\system32\PerfStringBackup.INI 2021-04-09 12:11 - 2021-04-09 14:16 - 000000000 ____D C:\Users\emreu\AppData\Local\Google 2021-04-09 12:11 - 2021-04-09 14:16 - 000000000 ____D C:\Program Files (x86)\Google 2021-04-09 12:10 - 2021-04-09 16:48 - 000000000 ___RD C:\Users\emreu\OneDrive 2021-04-09 12:10 - 2021-04-09 12:10 - 000000000 ___HD C:\OneDriveTemp 2021-04-09 12:08 - 2021-04-09 18:28 - 000000000 ____D C:\Users\emreu\AppData\Local\Packages 2021-04-09 12:08 - 2021-04-09 17:10 - 000000000 ____D C:\Users\emreu\AppData\Local\ConnectedDevicesPlatform 2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ___RD C:\Users\emreu\3D Objects 2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Adobe 2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Local\VirtualStore 2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Local\Publishers 2021-04-09 12:06 - 2021-04-09 13:20 - 000000000 ____D C:\Users\emreu 2021-04-09 12:06 - 2021-04-09 12:06 - 000000020 ___SH C:\Users\emreu\ntuser.ini 2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Videolarım 2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Resimlerim 2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Müziğim 2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Belgelerim 2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Videolarım 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Resimlerim 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Müziğim 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Videolarım 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Resimlerim 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Müziğim 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Belgelerim 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programlar 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\ProgramData\Belgeler 2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Documents and Settings 2021-04-09 12:03 - 2021-04-09 17:05 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-09 12:03 - 2021-04-09 12:03 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1321759622-1913416926-2370318738-500 2021-04-09 12:03 - 2021-04-09 12:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2021-04-09 12:02 - 2021-04-09 12:04 - 000000000 ____D C:\Windows\Panther 2021-03-23 21:21 - 2021-03-23 21:21 - 001857224 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 001857224 _____ C:\Windows\system32\vulkaninfo.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 001437920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 001437920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 001093104 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 001093104 _____ C:\Windows\system32\vulkan-1.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000946272 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000946272 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000798928 _____ (AMD) C:\Windows\system32\atieclxx.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000735952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000620240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000495840 _____ C:\Windows\system32\GameManager64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000492240 _____ C:\Windows\system32\dgtrayicon.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000467664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000455376 _____ C:\Windows\system32\atieah64.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000431824 _____ C:\Windows\system32\EEURestart.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000379104 _____ C:\Windows\SysWOW64\GameManager32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000350928 _____ C:\Windows\SysWOW64\atieah32.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000345808 _____ C:\Windows\system32\clinfo.exe 2021-03-23 21:21 - 2021-03-23 21:21 - 000244432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000212176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000186064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000166096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000165584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000155856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000141536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000139984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000134864 _____ (AMD) C:\Windows\system32\atimuixx.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000124624 _____ C:\Windows\system32\atidxx64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000106704 _____ C:\Windows\SysWOW64\atidxx32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000089808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000074448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000045768 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000042696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000019248 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll 2021-03-23 21:21 - 2021-03-23 21:21 - 000019240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 081414864 _____ C:\Windows\system32\amd_comgr.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 066865360 _____ C:\Windows\SysWOW64\amd_comgr32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 005221584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 004986592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 001766608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 001492176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 001338592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 001338592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000940240 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000767696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000465616 _____ C:\Windows\system32\amdlogum.exe 2021-03-23 21:20 - 2021-03-23 21:20 - 000201512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000181472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000169064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000157728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000149200 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000129744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000121552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000106192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll 2021-03-23 21:20 - 2021-03-23 21:20 - 000069328 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 072437968 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 001685080 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 001364432 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000546256 _____ C:\Windows\system32\amdmiracast.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000488656 _____ C:\Windows\system32\amdgfxinfo64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000379088 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000135376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000129696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000129696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000119744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000107712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2021-03-23 21:19 - 2021-03-23 21:19 - 000107712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2021-03-23 19:48 - 2021-03-23 19:48 - 058675112 _____ C:\Windows\system32\amdxc64.so 2021-03-23 19:48 - 2021-03-23 19:48 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap 2021-03-23 19:48 - 2021-03-23 19:48 - 003437632 _____ C:\Windows\system32\atiumd6a.cap 2021-03-23 19:48 - 2021-03-23 19:48 - 000556128 _____ C:\Windows\SysWOW64\atiapfxx.blb 2021-03-23 19:48 - 2021-03-23 19:48 - 000556128 _____ C:\Windows\system32\atiapfxx.blb 2021-03-23 19:48 - 2021-03-23 19:48 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat 2021-03-23 19:48 - 2021-03-23 19:48 - 000204952 _____ C:\Windows\system32\ativvsvl.dat 2021-03-23 19:48 - 2021-03-23 19:48 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat 2021-03-23 19:48 - 2021-03-23 19:48 - 000157144 _____ C:\Windows\system32\ativvsva.dat 2021-03-23 19:48 - 2021-03-23 19:48 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin 2021-03-23 19:48 - 2021-03-23 19:48 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin 2021-03-23 19:48 - 2021-03-23 19:48 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin 2021-03-23 19:48 - 2021-03-23 19:48 - 000121168 _____ C:\Windows\system32\kapp_si.sbin 2021-03-23 19:48 - 2021-03-23 19:48 - 000076237 _____ C:\Windows\system32\AMDKernelEvents.man 2021-03-23 19:48 - 2021-03-23 19:48 - 000012344 _____ C:\Windows\system32\brandingWS_RSX.bmp 2021-03-23 19:48 - 2021-03-23 19:48 - 000012344 _____ C:\Windows\system32\brandingRSX.bmp 2021-03-23 19:48 - 2021-03-23 19:48 - 000011014 _____ C:\Windows\system32\atiacmLocalisation.ini 2021-03-23 19:48 - 2021-03-23 19:48 - 000000822 _____ C:\Windows\system32\branding.bmp ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-04-09 18:30 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-04-09 18:29 - 2019-12-07 12:03 - 000000000 ____D C:\Windows\CbsTemp 2021-04-09 18:28 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-09 18:28 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\AppReadiness 2021-04-09 18:28 - 2019-12-07 12:03 - 000000000 ____D C:\Windows\servicing 2021-04-09 18:27 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-09 18:03 - 2019-12-07 12:13 - 000000000 ____D C:\Windows\INF 2021-04-09 17:41 - 2020-11-18 23:33 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-04-09 17:11 - 2019-12-07 17:43 - 000670170 _____ C:\Windows\system32\perfh01F.dat 2021-04-09 17:11 - 2019-12-07 17:43 - 000136400 _____ C:\Windows\system32\perfc01F.dat 2021-04-09 17:11 - 2019-12-07 12:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2021-04-09 17:10 - 2019-12-07 12:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-04-09 17:05 - 2020-11-19 02:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-04-09 17:05 - 2020-11-18 23:33 - 000439032 _____ C:\Windows\system32\FNTCACHE.DAT 2021-04-09 17:04 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-04-09 17:04 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\F12 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\PrintDialog 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SystemResources 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Sysprep 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\setup 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\oobe 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\migwiz 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Keywords 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\es-MX 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Dism 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Com 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ShellExperiences 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ShellComponents 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\Provisioning 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\IME 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\bcastdvr 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-04-09 17:04 - 2019-12-07 12:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-04-09 16:50 - 2020-11-19 02:36 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2021-04-09 16:46 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-04-09 13:03 - 2020-11-19 02:37 - 000000000 ____D C:\ProgramData\Packages 2021-04-09 12:40 - 2020-03-25 00:11 - 000442384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdtee_api.dll 2021-04-09 12:40 - 2020-03-25 00:11 - 000355856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdtee_api.dll 2021-04-09 12:40 - 2020-03-25 00:11 - 000135184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys 2021-04-09 12:24 - 2019-12-07 17:44 - 000000000 ____D C:\Windows\OCR 2021-04-09 12:15 - 2020-11-19 02:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-09 12:10 - 2020-11-19 02:37 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-04-09 12:06 - 2020-11-19 02:36 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-09 12:06 - 2020-11-19 02:36 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-09 12:05 - 2019-12-07 17:44 - 000000000 ____D C:\Windows\system32\FxsTmp 2021-04-09 12:05 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-04-09 12:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ServiceState 2021-04-09 12:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows NT 2021-04-09 12:02 - 2019-12-07 12:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021 Ran by emreu (09-04-2021 18:30:12) Running from C:\Users\emreu\Desktop Windows 10 Home Version 20H2 19042.867 (X64) (2021-04-09 09:04:50) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1321759622-1913416926-2370318738-500 - Administrator - Disabled) emreu (S-1-5-21-1321759622-1913416926-2370318738-1001 - Administrator - Enabled) => C:\Users\emreu Guest (S-1-5-21-1321759622-1913416926-2370318738-501 - Limited - Disabled) VarsayılanHesap (S-1-5-21-1321759622-1913416926-2370318738-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1321759622-1913416926-2370318738-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Security Cloud (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.69 - ASUSTeK Computer Inc.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.3.1 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Epic Games Launcher (HKLM-x32\...\{C5DBFFD8-8D64-4AE4-97DD-946D67C232B5}) (Version: 1.2.11.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.) HP Deskjet 1510 series Temel Aygıt Yazılımı (HKLM\...\{C43373FC-9027-4AD4-BFCD-2AD96298B4DF}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kurumlar için Microsoft 365 Uygulamaları - tr-tr (HKLM\...\O365ProPlusRetail - tr-tr) (Version: 16.0.13127.20616 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041F-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden Opera Stable 75.0.3969.149 (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Opera 75.0.3969.149) (Version: 75.0.3969.149 - Opera Software) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8971.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Packages: ========= AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.45011.0_x64__0a9344xs7nr4m [2021-04-09] (Advanced Micro Devices Inc.) [Startup Task] DTS Custom for Asus -> C:\Program Files\WindowsApps\DTSInc.DTSCustomforAsus_2.1.1.0_x64__t5j2fzbtdg37r [2021-04-09] (DTS, Inc.) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2021-04-09] (Realtek Semiconductor Corp) Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1321759622-1913416926-2370318738-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\emreu\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-03-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2021-04-09 13:27 - 2020-10-30 09:16 - 000886272 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2021-04-09 13:27 - 2020-10-30 09:16 - 000996864 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2021-04-09 13:27 - 2020-10-30 09:16 - 000990208 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2021-04-09 13:27 - 2020-10-30 09:16 - 000952832 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2021-04-09 13:27 - 2021-04-09 12:57 - 006065152 _____ () [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\libprotobufd.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2021-03-10 14:21 - 2021-03-10 14:21 - 001640448 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2021-01-05 11:57 - 2021-01-05 11:57 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-01-05 11:56 - 2021-01-05 11:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\sharepoint.com -> hxxps://comuedutr-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 12:14 - 2019-12-07 12:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\emreu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\3b8ad2c7b1be2caf24321c852103598a.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{ED884AD5-A580-417C-B699-FFB249F019B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{7A96506E-5D57-49B7-9A28-07FEA9F7E5BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{139D7014-AEFE-4256-BE3B-27AE3EF4FAB6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0F4877CD-6319-473A-AD61-81EA10EAA14B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{49EB3322-31ED-49C6-8D54-4ABDFF5BAE04}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{1A7F7B58-D8C3-4197-A13A-705135A2D9DC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{55CA4CAA-9FD1-4A42-B25E-4C0151ABA59F}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A327D8A6-1CF2-42DA-A5F1-30E3097A6AC7}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2CBA630E-E5FE-4C98-9BAB-B4712C9B494E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D8F02ECD-FD10-418B-AAE2-5BDA14C3B98F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{28BC58E5-E25F-41E3-AC21-B15E3659BBDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FB1BD2C1-D745-42E8-BC63-937FBAFF6AF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{17FF23A6-2534-45D0-8C8A-C2DC366CE575}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8C534569-373D-4A39-9202-D956B57AE575}C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{88709749-02AC-4311-A134-763C6A65112F}C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software) ==================== Restore Points ========================= 09-04-2021 12:18:22 Windows Update 09-04-2021 13:36:46 O&O ShutUp10 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (04/09/2021 04:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.19041.610 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1050 Start Time: 01d72d466559452b Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: c2423c5c-a794-4ac0-b1ad-926c26b952ab Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Quiesce Error: (04/09/2021 04:47:32 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (04/09/2021 03:48:30 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F069 Partial Pkey=GCQG9 ACID=? Detailed Error[?] Error: (04/09/2021 03:48:30 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F069 Partial Pkey=T83GX ACID=? Detailed Error[?] Error: (04/09/2021 01:38:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x803F7001 Command-line arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/09/2021 01:38:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x8007139F Command-line arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/09/2021 01:28:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x803F7001 Command-line arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/09/2021 01:28:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0x8007139F Command-line arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable System errors: ============= Error: (04/09/2021 05:11:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: Erişim engellendi. Error: (04/09/2021 05:06:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.497.0). Error: (04/09/2021 04:57:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı. Error: (04/09/2021 04:54:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.497.0). Error: (04/09/2021 04:53:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı. Error: (04/09/2021 02:31:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.493.0). Error: (04/09/2021 02:29:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: Hizmet, belirli aralıklarla yapılan başlama veya denetim isteğine yanıt vermedi. Error: (04/09/2021 02:29:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Windows Defender: ================ Date: 2021-04-09 17:06:34 Description: Microsoft Defender Antivirus has encountered an error trying to update the engine. New Engine Version: 1.1.18000.5 Previous Engine Version: 1.1.16400.2 Error Code: 0x8050800c Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. Date: 2021-04-09 16:54:07 Description: Microsoft Defender Antivirus has encountered an error trying to update the engine. New Engine Version: 1.1.18000.5 Previous Engine Version: 1.1.16400.2 Error Code: 0x8050800c Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. Date: 2021-04-09 14:31:34 Description: Microsoft Defender Antivirus has encountered an error trying to update the engine. New Engine Version: 1.1.18000.5 Previous Engine Version: 1.1.16400.2 Error Code: 0x8050800c Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. ==================== Memory info =========================== BIOS: American Megatrends Inc. 2006 11/13/2019 Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PRO GAMING Processor: AMD Ryzen 5 3600 6-Core Processor Percentage of memory in use: 31% Total physical RAM: 16315.33 MB Available physical RAM: 11176.79 MB Total Virtual: 19259.33 MB Available Virtual: 12238.27 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.13 GB) (Free:410.44 GB) NTFS Drive d: () (Fixed) (Total:931.5 GB) (Free:922.9 GB) NTFS \\?\Volume{31bb8b81-9b76-4720-97ba-2a95244f8610}\ (Kurtarma) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS \\?\Volume{ed7dbf26-4e38-46d5-995b-27edce1ea6cc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================
Edited by siroynthe, 09 April 2021 - 09:46 AM.