Is My PC Infected? [Solved]

infection virus trojan rat ament.ini

#1
siroynthe

Hey everyone! A few days ago, I unfortunately ran an executable which had been labeled as a RAT virus by Windows Defender. Since the file was a gamehack tool, I mostly thought that it could be a false positive and ignored the warning. After a day or two, though, my Discord account was in a server which I hadn't joined beforehand and seemed to have sent a lot of spam messages. I immediately deleted the file, and did a lot of scans with both Defender and KIS. I also took it a bit further and just fresh installed my Windows. However, again, I saw this file called "ament.ini" in ProgramData files, which I looked up on the internet. I deleted the file after having read something along the lines of "pendrive virus". Anyway, long story short, I'm wondering whether the virus could have survived the formatting. My logs are as follows. Thank you kindly in advance  :geek: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by emreu (administrator) on DESKTOP-B7OFBHC (09-04-2021 18:29:13)
Running from C:\Users\emreu\Desktop
Loaded Profiles: emreu
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Turkish (Turkey) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0365275.inf_amd64_136741f59e43f995\B364966\atiesrxx.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe
(DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1081648 2021-04-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\emreu\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [Opera Browser Assistant] => C:\Users\emreu\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3363480 2021-04-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-24] (Valve -> Valve Corporation)
HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33000928 2021-04-09] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Deskjet 1510 series.lnk [2021-04-09]
ShortcutAndArgument: Monitör Mürekkep Uyarıları - HP Deskjet 1510 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN38L17JQX05XJ;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13A398FD-FBD9-45E2-AA52-33C6F459406A} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {1D58F96D-2783-4452-8BAC-D16EC597602C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B93ECEC-62AC-4120-A08B-3C16FA0622CD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60496 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4760050F-45E6-4E60-9FE8-B329F94C93E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5537EEFE-B609-40E9-9A48-7D33903E06A9} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2115632 2020-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {55894AF9-720A-42DF-B14F-6B561BC29749} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68176 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5D2DB408-637B-4EEA-BDC1-E5C7E6C34709} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7BCF9914-8509-4B47-9B98-C4AEA78C8FBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {82692151-5209-4A32-BC21-6C0FE97227CD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {84DC5B52-407F-4175-BBB7-C2AECF004146} - System32\Tasks\Opera scheduled Autoupdate 1617966362 => C:\Users\emreu\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software)
Task: {A20B2C25-4D42-47BC-81A1-56A2A4723695} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA42EFC2-1C5F-4702-A98E-16EB11BAF484} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2020-10-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {C8A1DE7F-82FE-4BE8-947E-B3420D646A70} - System32\Tasks\Opera scheduled assistant Autoupdate 1617966364 => C:\Users\emreu\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\emreu\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DAFE2E7B-6C4D-4BD2-8E06-A670B42083D0} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1469800 2020-10-30] (ASUSTeK Computer Inc. -> )
Task: {DDEC5586-E2C4-4624-B061-70726923857C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4A60FEB-DACD-46FF-984F-E8FBC4C6BF0F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F1AB98AB-AA55-473A-9954-E1BC4C3AEE39} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f20439bd-7012-4c68-82ce-70d66f48e63c}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Profile: C:\Users\emreu\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-09]
Edge HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

Opera: 
=======
OPR Profile: C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable [2021-04-09]
OPR StartupUrls: Opera Stable -> "hxxp://www.google.com.tr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Translator) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-04-09]
OPR Extension: (Rich Hints Agent) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-09]
OPR Extension: (Multi Sözlük) - C:\Users\emreu\AppData\Roaming\Opera Software\Opera Stable\Extensions\ikokoacoaalbmjeilgpgmgmnffaooonf [2021-04-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe [442928 2021-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe [2073136 2021-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [222104 2021-04-09] (DTS, Inc. -> )
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [35136 2021-04-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2020-10-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657176 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1400584 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [245280 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R4 klkbdflt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys [88824 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [257208 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_arkmon_818E8C6D; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\818E8C6D8588802E3E63CD8CEF03AF3B\klupd_klif_arkmon.sys [257208 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [310232 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116888 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
U3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [207352 2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 18:29 - 2021-04-09 18:29 - 000017261 _____ C:\Users\emreu\Desktop\FRST.txt
2021-04-09 18:18 - 2021-04-09 18:19 - 000304078 _____ C:\TDSSKiller.3.1.0.28_09.04.2021_18.18.22_log.txt
2021-04-09 18:17 - 2021-04-09 18:17 - 005054744 _____ (AO Kaspersky Lab) C:\Users\emreu\Desktop\tdsskiller.exe
2021-04-09 18:01 - 2021-04-09 18:29 - 000000000 ____D C:\FRST
2021-04-09 18:01 - 2021-04-09 18:01 - 002298368 _____ (Farbar) C:\Users\emreu\Desktop\FRST64.exe
2021-04-09 17:59 - 2021-04-09 17:59 - 000852798 _____ C:\Users\emreu\Desktop\SecurityCheck.exe
2021-04-09 17:41 - 2021-04-09 17:41 - 000002368 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-09 17:41 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Teams
2021-04-09 17:41 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Local\SquirrelTemp
2021-04-09 17:21 - 2021-04-09 17:21 - 000310232 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-04-09 17:11 - 2021-04-09 17:11 - 000257208 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-04-09 17:11 - 2021-04-09 17:11 - 000207352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-04-09 17:11 - 2021-04-09 17:11 - 000116888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-04-09 17:11 - 2021-04-09 17:11 - 000003392 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-04-09 17:11 - 2021-04-09 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-04-09 17:11 - 2021-04-09 17:11 - 000000000 ____D C:\Program Files\Common Files\AV
2021-04-09 17:11 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-04-09 17:10 - 2021-04-09 17:12 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-04-09 17:10 - 2021-04-09 17:12 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-04-09 17:10 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-04-09 17:10 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-04-09 17:07 - 2021-04-09 17:07 - 002793872 _____ (Kaspersky) C:\Users\emreu\Downloads\ks4.021.3.10.391tr_25204.exe
2021-04-09 16:52 - 2021-04-09 16:52 - 000095744 _____ C:\Windows\system32\VirtualMonitorManager.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-04-09 16:51 - 2021-04-09 16:51 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-04-09 16:51 - 2021-04-09 16:51 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 001822272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-04-09 16:51 - 2021-04-09 16:51 - 001394024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-04-09 16:51 - 2021-04-09 16:51 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-04-09 16:51 - 2021-04-09 16:51 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE
2021-04-09 16:51 - 2021-04-09 16:51 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-04-09 16:51 - 2021-04-09 16:51 - 000707016 _____ C:\Windows\system32\TextShaping.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000643072 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-04-09 16:51 - 2021-04-09 16:51 - 000575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-04-09 16:51 - 2021-04-09 16:51 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-04-09 16:51 - 2021-04-09 16:51 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000455680 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-04-09 16:51 - 2021-04-09 16:51 - 000330752 _____ C:\Windows\SysWOW64\ssdm.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000306688 _____ C:\Windows\system32\HeatCore.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-04-09 16:51 - 2021-04-09 16:51 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000240640 _____ C:\Windows\SysWOW64\CoreMas.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000235520 _____ C:\Windows\SysWOW64\HeatCore.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-04-09 16:51 - 2021-04-09 16:51 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000190976 _____ C:\Windows\system32\BthpanContextHandler.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2021-04-09 16:51 - 2021-04-09 16:51 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe
2021-04-09 16:51 - 2021-04-09 16:51 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2021-04-09 16:51 - 2021-04-09 16:51 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000091136 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-04-09 16:51 - 2021-04-09 16:51 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-04-09 16:51 - 2021-04-09 16:51 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-04-09 16:51 - 2021-04-09 16:51 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-04-09 16:51 - 2021-04-09 16:51 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-04-09 16:51 - 2021-04-09 16:51 - 000053760 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2021-04-09 16:51 - 2021-04-09 16:51 - 000011359 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-04-09 16:51 - 2021-04-09 16:51 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe
2021-04-09 16:51 - 2021-04-09 16:51 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2021-04-09 16:50 - 2021-04-09 16:50 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-04-09 16:50 - 2021-04-09 16:50 - 000455168 _____ C:\Windows\system32\ssdm.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-04-09 16:50 - 2021-04-09 16:50 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-04-09 16:50 - 2021-04-09 16:50 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-09 16:50 - 2021-04-09 16:50 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-04-09 16:48 - 2021-04-09 16:48 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1321759622-1913416926-2370318738-1001
2021-04-09 16:48 - 2021-04-09 16:48 - 000002341 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-04-09 16:47 - 2021-04-09 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-04-09 16:46 - 2021-04-09 16:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-09 16:46 - 2021-04-09 16:46 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-04-09 16:45 - 2021-04-09 16:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-09 16:44 - 2021-04-09 16:45 - 000000000 ____D C:\Windows\system32\MRT
2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files\HP
2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files (x86)\HP
2021-04-09 16:41 - 2021-04-09 16:41 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-04-09 16:40 - 2021-04-09 16:41 - 000000000 ____D C:\Users\emreu\AppData\Local\HP
2021-04-09 16:31 - 2021-04-09 16:32 - 098364712 _____ C:\Users\emreu\Downloads\DJ1510_188.exe
2021-04-09 16:30 - 2021-04-09 16:41 - 000000000 ____D C:\ProgramData\HP
2021-04-09 16:29 - 2021-04-09 16:29 - 000483012 _____ C:\Users\emreu\Documents\1-cokgenler.pdf
2021-04-09 15:46 - 2021-04-09 16:41 - 3620960256 _____ C:\Users\emreu\Downloads\O365ProPlusRetail.img
2021-04-09 15:46 - 2021-04-09 15:46 - 007310824 _____ (HeiDoc V.O.F.) C:\Users\emreu\Downloads\Windows-ISO-Downloader.exe
2021-04-09 15:44 - 2021-04-09 15:44 - 000681105 _____ C:\Users\emreu\Downloads\Red Dead Redemption 2 [FitGirl Repack].torrent
2021-04-09 15:43 - 2021-04-09 15:43 - 000443780 _____ C:\Users\emreu\Downloads\Grand Theft Auto V [FitGirl Repack].torrent
2021-04-09 15:39 - 2021-04-09 16:40 - 000000000 ____D C:\Users\emreu\AppData\Roaming\qBittorrent
2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\Users\emreu\AppData\Local\qBittorrent
2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-04-09 15:39 - 2021-04-09 15:39 - 000000000 ____D C:\Program Files\qBittorrent
2021-04-09 15:38 - 2021-04-09 18:28 - 000000000 ____D C:\Users\emreu\AppData\Local\PlaceholderTileLogoFolder
2021-04-09 15:36 - 2021-04-09 15:36 - 026724770 _____ (The qBittorrent project) C:\Users\emreu\Downloads\qbittorrent_4.3.4.1_x64_setup.exe
2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\Steam
2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\NVIDIA Corporation
2021-04-09 14:29 - 2021-04-09 14:29 - 000000000 ____D C:\Users\emreu\AppData\Local\CEF
2021-04-09 14:22 - 2021-04-09 18:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-09 14:22 - 2021-04-09 14:22 - 001770744 _____ C:\Users\emreu\Downloads\SteamSetup.exe
2021-04-09 14:22 - 2021-04-09 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-09 14:20 - 2021-04-09 14:29 - 000000000 ____D C:\ProgramData\Epic
2021-04-09 14:20 - 2021-04-09 14:20 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\UnrealEngineLauncher
2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\UnrealEngine
2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Users\emreu\AppData\Local\EpicGamesLauncher
2021-04-09 14:20 - 2021-04-09 14:20 - 000000000 ____D C:\Program Files (x86)\Epic Games
2021-04-09 14:19 - 2021-04-09 16:46 - 000000000 ___HD C:\$WinREAgent
2021-04-09 14:19 - 2021-04-09 14:20 - 056827904 _____ C:\Users\emreu\Downloads\EpicInstaller-12.1.1.msi
2021-04-09 14:06 - 2021-04-09 14:06 - 000004460 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1617966364
2021-04-09 14:06 - 2021-04-09 14:06 - 000004204 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1617966362
2021-04-09 14:06 - 2021-04-09 14:06 - 000001403 _____ C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera tarayıcı.lnk
2021-04-09 14:06 - 2021-04-09 14:06 - 000000000 ____D C:\Users\emreu\AppData\Local\Opera Software
2021-04-09 14:05 - 2021-04-09 14:05 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Opera Software
2021-04-09 13:36 - 2021-04-09 13:36 - 000000000 ____D C:\Users\emreu\AppData\Local\OO Software
2021-04-09 13:28 - 2020-10-15 13:59 - 000034064 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2021-04-09 13:27 - 2021-04-09 13:27 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2021-04-09 13:27 - 2021-04-09 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-04-09 13:25 - 2021-04-09 13:25 - 000000000 ____D C:\Users\emreu\AppData\Roaming\AMD
2021-04-09 13:25 - 2021-04-09 13:25 - 000000000 ____D C:\Program Files (x86)\AMD
2021-04-09 13:23 - 2021-04-09 18:28 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2021-04-09 13:23 - 2021-04-09 18:28 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-04-09 13:23 - 2021-04-09 13:23 - 000003488 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2021-04-09 13:23 - 2021-04-09 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-04-09 13:22 - 2021-04-09 13:24 - 000000000 ____D C:\Users\emreu\AppData\Local\AMD
2021-04-09 13:22 - 2021-04-09 13:22 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-04-09 13:22 - 2021-04-09 13:22 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2021-04-09 13:22 - 2021-04-09 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-04-09 13:22 - 2021-03-23 21:20 - 000107048 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2021-04-09 13:22 - 2021-03-10 22:43 - 002241008 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2021-04-09 13:21 - 2021-04-09 13:21 - 000000000 ____D C:\ProgramData\AMD
2021-04-09 13:18 - 2021-04-09 13:18 - 000000000 ____D C:\ProgramData\Propagation
2021-04-09 12:58 - 2021-04-09 13:27 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-04-09 12:58 - 2021-04-09 12:57 - 000120880 _____ C:\Windows\system32\AsIO2.dll
2021-04-09 12:58 - 2021-04-09 12:57 - 000095280 _____ C:\Windows\SysWOW64\AsIO2.dll
2021-04-09 12:57 - 2021-04-09 13:28 - 000000000 ____D C:\ProgramData\ASUS
2021-04-09 12:57 - 2021-04-09 12:57 - 000035136 _____ C:\Windows\system32\Drivers\AsIO2.sys
2021-04-09 12:49 - 2021-04-09 12:52 - 000000000 ____D C:\Users\emreu\AppData\LocalLow\AMD
2021-04-09 12:45 - 2021-04-09 12:41 - 040149888 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-04-09 12:45 - 2021-04-09 12:41 - 006792792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2021-04-09 12:45 - 2021-04-09 12:41 - 001145464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2021-04-09 12:45 - 2021-04-09 12:41 - 001081648 _____ (Realtek Semiconductor) C:\Windows\system32\RtkAudUService64.exe
2021-04-09 12:45 - 2021-04-09 12:41 - 000844896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2021-04-09 12:45 - 2021-04-09 12:41 - 000468776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2021-04-09 12:45 - 2021-04-09 12:41 - 000274720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2021-04-09 12:45 - 2021-04-09 12:41 - 000229664 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2021-04-09 12:45 - 2021-04-09 12:41 - 000224280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2021-04-09 12:43 - 2021-04-09 12:43 - 000000000 ____D C:\Users\emreu\AppData\Local\RadeonInstaller
2021-04-09 12:42 - 2021-04-09 13:01 - 000000000 ____D C:\ProgramData\UWP
2021-04-09 12:41 - 2021-04-09 12:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-04-09 12:41 - 2021-04-09 12:41 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2021-04-09 12:41 - 2021-04-09 12:41 - 000000000 ____D C:\Windows\system32\DTS
2021-04-09 12:41 - 2021-04-09 12:41 - 000000000 ____D C:\ProgramData\DTSAudio
2021-04-09 12:40 - 2021-04-09 12:40 - 000000000 ____D C:\Users\emreu\AppData\Local\OneDrive
2021-04-09 12:27 - 2021-04-09 14:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-09 12:27 - 2021-04-09 13:25 - 000000000 ____D C:\AMD
2021-04-09 12:27 - 2021-04-09 13:18 - 000000000 ____D C:\Users\emreu\AppData\Local\cache
2021-04-09 12:27 - 2021-04-09 12:27 - 000000000 ____D C:\Users\emreu\AppData\Local\setup
2021-04-09 12:26 - 2021-04-09 13:27 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-09 12:26 - 2021-04-09 12:43 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-04-09 12:26 - 2021-04-09 12:25 - 001146456 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2021-04-09 12:25 - 2021-04-09 12:25 - 000000000 ____D C:\Users\emreu\AppData\Local\Comms
2021-04-09 12:23 - 2021-04-09 17:41 - 000000000 ____D C:\Users\emreu\AppData\Local\D3DSCache
2021-04-09 12:18 - 2021-04-09 13:22 - 000000000 ____D C:\Program Files\AMD
2021-04-09 12:18 - 2021-04-09 12:46 - 000000000 ____D C:\Windows\system32\AMD
2021-04-09 12:11 - 2021-04-09 17:11 - 001592894 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-09 12:11 - 2021-04-09 14:16 - 000000000 ____D C:\Users\emreu\AppData\Local\Google
2021-04-09 12:11 - 2021-04-09 14:16 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-09 12:10 - 2021-04-09 16:48 - 000000000 ___RD C:\Users\emreu\OneDrive
2021-04-09 12:10 - 2021-04-09 12:10 - 000000000 ___HD C:\OneDriveTemp
2021-04-09 12:08 - 2021-04-09 18:28 - 000000000 ____D C:\Users\emreu\AppData\Local\Packages
2021-04-09 12:08 - 2021-04-09 17:10 - 000000000 ____D C:\Users\emreu\AppData\Local\ConnectedDevicesPlatform
2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ___RD C:\Users\emreu\3D Objects
2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Roaming\Adobe
2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Local\VirtualStore
2021-04-09 12:08 - 2021-04-09 12:08 - 000000000 ____D C:\Users\emreu\AppData\Local\Publishers
2021-04-09 12:06 - 2021-04-09 13:20 - 000000000 ____D C:\Users\emreu
2021-04-09 12:06 - 2021-04-09 12:06 - 000000020 ___SH C:\Users\emreu\ntuser.ini
2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Videolarım
2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Resimlerim
2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Documents\Müziğim
2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\Belgelerim
2021-04-09 12:06 - 2021-04-09 12:06 - 000000000 _SHDL C:\Users\emreu\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Videolarım
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Resimlerim
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Public\Documents\Müziğim
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Videolarım
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Resimlerim
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Documents\Müziğim
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\Belgelerim
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programlar
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\ProgramData\Belgeler
2021-04-09 12:04 - 2021-04-09 12:04 - 000000000 _SHDL C:\Documents and Settings
2021-04-09 12:03 - 2021-04-09 17:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-09 12:03 - 2021-04-09 12:03 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1321759622-1913416926-2370318738-500
2021-04-09 12:03 - 2021-04-09 12:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-04-09 12:02 - 2021-04-09 12:04 - 000000000 ____D C:\Windows\Panther
2021-03-23 21:21 - 2021-03-23 21:21 - 001857224 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 001857224 _____ C:\Windows\system32\vulkaninfo.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 001437920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 001437920 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 001093104 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 001093104 _____ C:\Windows\system32\vulkan-1.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000946272 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000946272 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000798928 _____ (AMD) C:\Windows\system32\atieclxx.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000735952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000620240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000495840 _____ C:\Windows\system32\GameManager64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000492240 _____ C:\Windows\system32\dgtrayicon.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000467664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000455376 _____ C:\Windows\system32\atieah64.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000431824 _____ C:\Windows\system32\EEURestart.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000379104 _____ C:\Windows\SysWOW64\GameManager32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000350928 _____ C:\Windows\SysWOW64\atieah32.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000345808 _____ C:\Windows\system32\clinfo.exe
2021-03-23 21:21 - 2021-03-23 21:21 - 000244432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000212176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000186064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000166096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000165584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000155856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000141536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000139984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000134864 _____ (AMD) C:\Windows\system32\atimuixx.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000124624 _____ C:\Windows\system32\atidxx64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000106704 _____ C:\Windows\SysWOW64\atidxx32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000089808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000074448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000045768 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000042696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000019248 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2021-03-23 21:21 - 2021-03-23 21:21 - 000019240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 081414864 _____ C:\Windows\system32\amd_comgr.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 066865360 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 005221584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 004986592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 001766608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 001492176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 001338592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 001338592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000940240 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000767696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000465616 _____ C:\Windows\system32\amdlogum.exe
2021-03-23 21:20 - 2021-03-23 21:20 - 000201512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000181472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000169064 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000157728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000149200 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000129744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000121552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000106192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2021-03-23 21:20 - 2021-03-23 21:20 - 000069328 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 072437968 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 001685080 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 001364432 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000546256 _____ C:\Windows\system32\amdmiracast.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000488656 _____ C:\Windows\system32\amdgfxinfo64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000379088 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000135376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000129696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000129696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000119744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000107712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2021-03-23 21:19 - 2021-03-23 21:19 - 000107712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2021-03-23 19:48 - 2021-03-23 19:48 - 058675112 _____ C:\Windows\system32\amdxc64.so
2021-03-23 19:48 - 2021-03-23 19:48 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2021-03-23 19:48 - 2021-03-23 19:48 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2021-03-23 19:48 - 2021-03-23 19:48 - 000556128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2021-03-23 19:48 - 2021-03-23 19:48 - 000556128 _____ C:\Windows\system32\atiapfxx.blb
2021-03-23 19:48 - 2021-03-23 19:48 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2021-03-23 19:48 - 2021-03-23 19:48 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2021-03-23 19:48 - 2021-03-23 19:48 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2021-03-23 19:48 - 2021-03-23 19:48 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2021-03-23 19:48 - 2021-03-23 19:48 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2021-03-23 19:48 - 2021-03-23 19:48 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2021-03-23 19:48 - 2021-03-23 19:48 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2021-03-23 19:48 - 2021-03-23 19:48 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2021-03-23 19:48 - 2021-03-23 19:48 - 000076237 _____ C:\Windows\system32\AMDKernelEvents.man
2021-03-23 19:48 - 2021-03-23 19:48 - 000012344 _____ C:\Windows\system32\brandingWS_RSX.bmp
2021-03-23 19:48 - 2021-03-23 19:48 - 000012344 _____ C:\Windows\system32\brandingRSX.bmp
2021-03-23 19:48 - 2021-03-23 19:48 - 000011014 _____ C:\Windows\system32\atiacmLocalisation.ini
2021-03-23 19:48 - 2021-03-23 19:48 - 000000822 _____ C:\Windows\system32\branding.bmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 18:30 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-09 18:29 - 2019-12-07 12:03 - 000000000 ____D C:\Windows\CbsTemp
2021-04-09 18:28 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-09 18:28 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\AppReadiness
2021-04-09 18:28 - 2019-12-07 12:03 - 000000000 ____D C:\Windows\servicing
2021-04-09 18:27 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 18:03 - 2019-12-07 12:13 - 000000000 ____D C:\Windows\INF
2021-04-09 17:41 - 2020-11-18 23:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-04-09 17:11 - 2019-12-07 17:43 - 000670170 _____ C:\Windows\system32\perfh01F.dat
2021-04-09 17:11 - 2019-12-07 17:43 - 000136400 _____ C:\Windows\system32\perfc01F.dat
2021-04-09 17:11 - 2019-12-07 12:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-04-09 17:10 - 2019-12-07 12:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-04-09 17:05 - 2020-11-19 02:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-09 17:05 - 2020-11-18 23:33 - 000439032 _____ C:\Windows\system32\FNTCACHE.DAT
2021-04-09 17:04 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-09 17:04 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\F12
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\SystemResources
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\setup
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\oobe
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Dism
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\Com
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ShellComponents
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\Provisioning
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\IME
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\bcastdvr
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-09 17:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-09 17:04 - 2019-12-07 12:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-04-09 16:50 - 2020-11-19 02:36 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-04-09 16:46 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-09 13:03 - 2020-11-19 02:37 - 000000000 ____D C:\ProgramData\Packages
2021-04-09 12:40 - 2020-03-25 00:11 - 000442384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdtee_api.dll
2021-04-09 12:40 - 2020-03-25 00:11 - 000355856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdtee_api.dll
2021-04-09 12:40 - 2020-03-25 00:11 - 000135184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2021-04-09 12:24 - 2019-12-07 17:44 - 000000000 ____D C:\Windows\OCR
2021-04-09 12:15 - 2020-11-19 02:36 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-09 12:10 - 2020-11-19 02:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-09 12:06 - 2020-11-19 02:36 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-09 12:06 - 2020-11-19 02:36 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-09 12:05 - 2019-12-07 17:44 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-04-09 12:05 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-09 12:04 - 2019-12-07 12:14 - 000000000 ____D C:\Windows\ServiceState
2021-04-09 12:04 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-09 12:02 - 2019-12-07 12:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by emreu (09-04-2021 18:30:12)
Running from C:\Users\emreu\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-04-09 09:04:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1321759622-1913416926-2370318738-500 - Administrator - Disabled)
emreu (S-1-5-21-1321759622-1913416926-2370318738-1001 - Administrator - Enabled) => C:\Users\emreu
Guest (S-1-5-21-1321759622-1913416926-2370318738-501 - Limited - Disabled)
VarsayılanHesap (S-1-5-21-1321759622-1913416926-2370318738-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1321759622-1913416926-2370318738-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Security Cloud (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.69 - ASUSTeK Computer Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{C5DBFFD8-8D64-4AE4-97DD-946D67C232B5}) (Version: 1.2.11.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
HP Deskjet 1510 series Temel Aygıt Yazılımı (HKLM\...\{C43373FC-9027-4AD4-BFCD-2AD96298B4DF}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kurumlar için Microsoft 365 Uygulamaları - tr-tr (HKLM\...\O365ProPlusRetail - tr-tr) (Version: 16.0.13127.20616 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041F-0000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Opera Stable 75.0.3969.149 (HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\Opera 75.0.3969.149) (Version: 75.0.3969.149 - Opera Software)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8971.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.45011.0_x64__0a9344xs7nr4m [2021-04-09] (Advanced Micro Devices Inc.) [Startup Task]
DTS Custom for Asus -> C:\Program Files\WindowsApps\DTSInc.DTSCustomforAsus_2.1.1.0_x64__t5j2fzbtdg37r [2021-04-09] (DTS, Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2021-04-09] (Realtek Semiconductor Corp)
Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1321759622-1913416926-2370318738-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\emreu\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-03-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-09 13:27 - 2020-10-30 09:16 - 000886272 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2021-04-09 13:27 - 2020-10-30 09:16 - 000996864 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2021-04-09 13:27 - 2020-10-30 09:16 - 000990208 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2021-04-09 13:27 - 2020-10-30 09:16 - 000952832 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2021-04-09 13:27 - 2021-04-09 12:57 - 006065152 _____ () [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\libprotobufd.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-03-10 14:21 - 2021-03-10 14:21 - 001640448 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2021-01-05 11:57 - 2021-01-05 11:57 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-01-05 11:56 - 2021-01-05 11:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\...\sharepoint.com -> hxxps://comuedutr-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 12:14 - 2019-12-07 12:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1321759622-1913416926-2370318738-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\emreu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\3b8ad2c7b1be2caf24321c852103598a.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ED884AD5-A580-417C-B699-FFB249F019B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7A96506E-5D57-49B7-9A28-07FEA9F7E5BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{139D7014-AEFE-4256-BE3B-27AE3EF4FAB6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4877CD-6319-473A-AD61-81EA10EAA14B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{49EB3322-31ED-49C6-8D54-4ABDFF5BAE04}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1A7F7B58-D8C3-4197-A13A-705135A2D9DC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{55CA4CAA-9FD1-4A42-B25E-4C0151ABA59F}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A327D8A6-1CF2-42DA-A5F1-30E3097A6AC7}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2CBA630E-E5FE-4C98-9BAB-B4712C9B494E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8F02ECD-FD10-418B-AAE2-5BDA14C3B98F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28BC58E5-E25F-41E3-AC21-B15E3659BBDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB1BD2C1-D745-42E8-BC63-937FBAFF6AF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17FF23A6-2534-45D0-8C8A-C2DC366CE575}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8C534569-373D-4A39-9202-D956B57AE575}C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{88709749-02AC-4311-A134-763C6A65112F}C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Allow) C:\users\emreu\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

09-04-2021 12:18:22 Windows Update
09-04-2021 13:36:46 O&O ShutUp10

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/09/2021 04:52:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.610 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1050

Start Time: 01d72d466559452b

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: c2423c5c-a794-4ac0-b1ad-926c26b952ab

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Quiesce

Error: (04/09/2021 04:47:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/09/2021 03:48:30 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F069
Partial Pkey=GCQG9
ACID=?
Detailed Error[?]

Error: (04/09/2021 03:48:30 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F069
Partial Pkey=T83GX
ACID=?
Detailed Error[?]

Error: (04/09/2021 01:38:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (04/09/2021 01:38:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/09/2021 01:28:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (04/09/2021 01:28:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (04/09/2021 05:11:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
Erişim engellendi.

Error: (04/09/2021 05:06:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.497.0).

Error: (04/09/2021 04:57:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (04/09/2021 04:54:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.497.0).

Error: (04/09/2021 04:53:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: EnterpriseDeviceManagement.Service.AutoPilot.AutoPilotServer sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (04/09/2021 02:31:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Microsoft Defender Antivirus İçin Güvenlik Zekâsı Güncelleştirmesi - KB2267602 (Sürüm 1.335.493.0).

Error: (04/09/2021 02:29:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
Hizmet, belirli aralıklarla yapılan başlama veya denetim isteğine yanıt vermedi.

Error: (04/09/2021 02:29:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


Windows Defender:
================
Date: 2021-04-09 17:06:34
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18000.5
Previous Engine Version: 1.1.16400.2
Error Code: 0x8050800c
Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. 

Date: 2021-04-09 16:54:07
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18000.5
Previous Engine Version: 1.1.16400.2
Error Code: 0x8050800c
Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. 

Date: 2021-04-09 14:31:34
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18000.5
Previous Engine Version: 1.1.16400.2
Error Code: 0x8050800c
Error description: Beklenmeyen bir hata oluştu. Mevcut güncelleştirmelerin tümünü yükleyin, ardından programı yeniden başlatmayı deneyin. Güncelleştirmeleri yükleme hakkında bilgi için Yardım ve Destek'e bakın. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2006 11/13/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PRO GAMING
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 31%
Total physical RAM: 16315.33 MB
Available physical RAM: 11176.79 MB
Total Virtual: 19259.33 MB
Available Virtual: 12238.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:410.44 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:922.9 GB) NTFS

\\?\Volume{31bb8b81-9b76-4720-97ba-2a95244f8610}\ (Kurtarma) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{ed7dbf26-4e38-46d5-995b-27edce1ea6cc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Edited by siroynthe, 09 April 2021 - 09:46 AM.



#2
DR M


    The Grecian Geek

  • Malware Removal
  • 4,284 posts

Hi, Siroynthe.
 
Welcome to GTG Forums.
 
There is no evidence of malware in your logs.
 
Just to ensure that the computer is clean, you can perform an online scan with ESET.

ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.

  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 



#3
DR M


    The Grecian Geek

  • Malware Removal
  • 4,284 posts

It appears that this issue is resolved, and therefore this topic has been marked as such.

If you are the topic starter and still need assistance, please send me a personal message to reopen the thread. Everyone else, please start a new topic.

