Jump to content

Interesting Chrome Extension


Recommended Posts

Hello Guys i need your help i hope u can help me.

Malwarebytes gives these warnings but no other application is complaining about them. Should I still change my credit card information?

Best Regards.

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 371028
Threats Detected: 26
Threats Quarantined: 0
Time Elapsed: 5 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ablpcikjmhamjanpibkccdmpoekjigja, No Action By User, 336, 405530, 1.0.59613, , ame, , , 
Trojan.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cpegcopcfajiiibidlaelhjjblpefbjk, No Action By User, 6294, 719709, 1.0.59613, , ame, , , 
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jkfblcbjfojmgagikhldeppgmgdpjkpl, No Action By User, 336, 423756, 1.0.59613, , ame, , , 

Registry Value: 3
PUP.Optional.RussAd, HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 3\extensions.settings|ABLPCIKJMHAMJANPIBKCCDMPOEKJIGJA, No Action By User, 336, 405530, , , , , , 
Trojan.RussAd, HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 3\extensions.settings|CPEGCOPCFAJIIIBIDLAELHJJBLPEFBJK, No Action By User, 6294, 719709, , , , , , 
PUP.Optional.RussAd, HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 3\extensions.settings|JKFBLCBJFOJMGAGIKHLDEPPGMGDPJKPL, No Action By User, 336, 423756, , , , , , 

 

Link to post
Share on other sites

Sorry, I just found out that I have to upload them.

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by Enes (administrator) on HITOKIRI (Micro-Star International Co., Ltd. MS-7C88) (04-09-2022 21:06:27)
Running from C:\Users\Enes\Downloads
Loaded Profiles: Enes
Platform: Microsoft Windows 11 Home Version 21H2 22000.856 (X64) Language: Türkçe (Türkiye)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.565.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.25\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atieclxx.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\atiesrxx.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\NisSrv.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_05fe713c4fadacd3\RtkAudUService64.exe <2>
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.826_none_04caa12d4c727e47\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.565.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_05fe713c4fadacd3\RtkAudUService64.exe [3477960 2022-04-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6609176 2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-05-06] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630040 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Spotify] => C:\Users\Enes\AppData\Roaming\Spotify\Spotify.exe [19926392 2022-09-02] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Discord] => C:\Users\Enes\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Enes\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-11-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706512 2022-08-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7097112 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [146944768 2022-08-31] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [YandexDisk2] => C:\Users\Enes\AppData\Roaming\Yandex\YandexDisk2\3.2.16.4490\YandexDisk2.exe -autostart (No File)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [FACEIT] => C:\Users\Enes\AppData\Local\FACEIT\update.exe [2278576 2022-08-18] (FACE IT LIMITED -> )
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3532928 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Run: [MicrosoftEdgeAutoLaunch_7BC23ECC99A81123E80D9637058F485E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3532928 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [RzAppEngine] => C:\Program Files\Razer\RzAppEngine\rzappengine.exe [1641840 2021-10-06] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: c:\windows\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\Razer\RzAppEngine\1.49.0.0\Installer\chrmstp.exe [2022-06-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-04] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02DB2515-8AB7-43A8-9484-29EFB3E3817B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4164504 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0564E05A-E530-4A07-AF70-464CA79E8095} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2322552 2022-07-19] (CyberLink Corp. -> )
Task: {0DA47EB2-5015-4EB2-A494-BD4FEE7DC854} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [421664 2022-05-06] (Adobe Inc. -> Adobe Inc.)
Task: {179A27A2-DB23-4F8A-987A-C6FEFF66C706} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MpCmdRun.exe [1335968 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BC27BF6-1A78-46AD-A613-2A03F9AAFC5D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {1FCF9625-47D5-49F7-9CFA-939123A84319} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2322552 2022-07-19] (CyberLink Corp. -> )
Task: {23E81257-5C4F-4DC2-ACB9-A9A0C14B51FC} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2864E0FF-AD83-41C3-98EC-15D39CBA20C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {2D4E561B-CCEE-4D56-BC9B-13B4C73D6F5F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144768 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D7C1125-6730-493A-B4C6-A69EE3165E67} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task
Task: {3D7175E0-5040-414B-B13E-D677792EA84F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1079746126-3138819921-2173301284-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4164504 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A6778CA-966C-430E-A887-EE7F4929B50E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23247304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BC409BA-022E-4097-ABDB-1614E6924D1A} - System32\Tasks\GPU Tweak III => C:\Program Files (x86)\ASUS\GPUTweakIII\GPU Tweak III.exe (No File)
Task: {74E82A81-0B09-41DD-A396-A0595B0F2A59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MpCmdRun.exe [1335968 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7601ADEA-CF50-479A-9261-508E72B5334B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {7AFCEC54-A9F2-4100-90F4-0D6083C9F93D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {80664E40-7914-4ED9-9691-C100F06A702E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-05] (Google LLC -> Google LLC)
Task: {8726FE87-BDDA-4CED-86B9-1CB18723A928} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8305656 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {89982AD2-617C-4B56-B7AB-DF6C7CAD7D1E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {90A4D221-27CD-49DF-A0FA-F324A8C32B34} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4105880 2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {99FD5CD2-D7F0-48FC-A538-86D24685D496} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-05] (Google LLC -> Google LLC)
Task: {9C138984-C19E-4B7C-8E70-9EC98EDD19C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8305656 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F8FCFA1-FFCE-4FD2-ACF6-1C498E338AE1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MpCmdRun.exe [1335968 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA4149CF-CAA0-4777-A365-C9F29CA03D10} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-09-17] () [File not signed]
Task: {AF4251A4-73C5-448A-9930-314E88FF0979} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MpCmdRun.exe [1335968 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3CAB4C3-98A1-42FF-B3F9-08AF01F4026C} - System32\Tasks\Opera scheduled Autoupdate 1644417543 => C:\Users\Enes\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {D883B6BB-D5AB-49BA-B10C-706E8A274DF4} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E658104A-CF14-4DD6-AB1B-FB16A23A0537} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E6CCD882-6834-4831-9D66-B800331E805C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144768 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC0F710E-840B-4DA6-8948-B1AF4FF8AB95} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23247304 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 178.233.140.110 46.197.15.60 46.196.235.35
Tcpip\..\Interfaces\{4fca1abb-4282-40d6-a0f1-6939b5613535}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4fca1abb-4282-40d6-a0f1-6939b5613535}: [DhcpNameServer] 178.233.140.110 46.197.15.60 46.196.235.35

Edge: 
=======
Edge HomeButtonPage: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001 -> hxxps://www.yandex.com.tr/?win=531&clid=2226668
Edge DefaultProfile: Default
Edge Profile: C:\Users\Enes\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-04]
Edge HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>

FireFox:
========
FF DefaultProfile: nahd6ha2.default
FF ProfilePath: C:\Users\Enes\AppData\Roaming\Mozilla\Firefox\Profiles\3t4lqysp.default-esr-1 [2022-04-04]
FF ProfilePath: C:\Users\Enes\AppData\Roaming\Mozilla\Firefox\Profiles\32l03amx.default-esr [2022-04-01]
FF ProfilePath: C:\Users\Enes\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2022-03-01]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.yandex.com.tr/?win=531&clid=2226668
FF SearchPlugin: C:\Users\Enes\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.com.tr-20221001.xml [2022-03-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-05-06] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-05-06] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-02]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-26]
CHR Extension: (Adobe Acrobat: PDF düzenleme, dönüştürme, imzalama araçları) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-26]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-05]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-09-04]
CHR DownloadDir: E:\indirilenler
CHR Notifications: Profile 3 -> hxxps://aternos.org
CHR Extension: (RoPro - Roblox Deneyiminizi Geliştirin) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2022-08-12]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-09-04]
CHR Extension: (uBlock Origin) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-25]
CHR Extension: (Quick Copy Roblox IDs) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gdhnniabnphencplancldglaflfafmfj [2021-10-05]
CHR Extension: (YouTube Dislike Sayısını Geri Getir) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-04]
CHR Extension: (BTRoblox - Making Roblox Better) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbkpclpemjeibhioopcebchdmohaieln [2022-08-10]
CHR Extension: (Roblox+) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2022-03-14]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-05]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-05-09]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-22]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-08-12]
CHR Extension: (uBlock Origin) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-12]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2022-02-05]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-26]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 7 [2022-08-05]
CHR Extension: (Adobe Acrobat: PDF düzenleme, dönüştürme, imzalama araçları) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-08-05]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Enes\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-08]
CHR Profile: C:\Users\Enes\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-08]
CHR HKLM-x32\...\Chrome\Extension: [ablpcikjmhamjanpibkccdmpoekjigja]
CHR HKLM-x32\...\Chrome\Extension: [cpegcopcfajiiibidlaelhjjblpefbjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jkfblcbjfojmgagikhldeppgmgdpjkpl]
CHR HKLM-x32\...\Chrome\Extension: [ojmcefcpojnkmmblchnllkaphlpdobgd] - C:\Joygame\Wolfteam Turkiye\Joygame\JoyTemp\ChromeEklenti\homepage_extension_1_5.crx <not found>

Yandex: 
=======
YAN Profile: C:\Users\Enes\AppData\Local\Yandex\YandexBrowser\User Data\Default [2022-03-01]
YAN DownloadDir: E:\indirilenler
YAN Extension: (Quick Copy Roblox IDs) - C:\Users\Enes\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\gdhnniabnphencplancldglaflfafmfj [2022-03-01]
YAN Extension: (Yandex Search Helper) - C:\Users\Enes\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\mpcbmpfijbigjiflmkdpbnnpnjgkpdij [2022-03-01] [UpdateUrl:hxxps://browser-api.store.yandex.net/crx/v1/update] <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-05-06] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2703960 2022-08-29] (PUBG CORPORATION -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-22] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988896 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9158752 2022-08-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-24] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-24] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [8344720 2022-08-27] (Int3 Software AB -> Int3 Software AB)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24913296 2022-08-12] (FACE IT LIMITED -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncHelper.exe [3382664 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10068736 2022-08-31] (Logitech Inc -> Logitech, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-04] (Malwarebytes Inc. -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.171.0814.0003\OneDriveUpdaterService.exe [3803008 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2030624 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [464416 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1351744 2022-06-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [299136 2022-05-24] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534440 2022-04-28] (Razer USA Ltd. -> Razer Inc.)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-05-22] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\NisSrv.exe [3125128 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe [133560 2022-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9959072 2022-08-29] (PUBG CORPORATION -> KRAFTON, Inc)
S4 asComSvc; "C:\Program Files (x86)\ASUS\AXSP\4.02.03\atkexComSvc.exe" [X]
S2 AsusCertService; "C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [2231936 2022-08-29] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\Windows\system32\drivers\ACE-GAME.sys [952960 2022-08-29] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [33728 2021-12-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0379219.inf_amd64_3649648678001de4\B378972\amdkmdag.sys [90165704 2022-05-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2021-09-30] (ASUSTeK Computer Inc. -> )
S3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40960 2022-09-04] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [16521232 2022-08-18] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 fse; C:\Windows\System32\drivers\fse.sys [193888 2022-05-10] (Microsoft Windows -> Microsoft Corporation)
S3 logi_audio_surround; C:\Windows\system32\drivers\logi_audio_surround.sys [44488 2022-06-08] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-23] (WDKTestCert builder,132743893872553407 -> Logitech)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl85b20276; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44C2979C-D450-4822-83B9-103788441610}\MpKslDrv.sys [141576 2022-09-04] (Microsoft Windows -> Microsoft Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [95632 2022-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_17b0987cc485ce8a\rt68cx21x64.sys [458152 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\Windows\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2021-11-11] (ATI Technologies, Inc -> ATI Technologies Inc.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [90112 2021-12-26] (Microsoft Windows -> )
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [453904 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [1431256 2022-05-22] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 equ8_helper; \??\C:\Windows\system32\DRIVERS\equ8_helper.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-04 21:06 - 2022-09-04 21:06 - 000038500 _____ C:\Users\Enes\Downloads\FRST.txt
2022-09-04 21:06 - 2022-09-04 21:06 - 000000000 ____D C:\FRST
2022-09-04 19:30 - 2022-09-04 19:31 - 002371072 _____ (Farbar) C:\Users\Enes\Downloads\FRST64.exe
2022-09-04 19:10 - 2022-09-04 19:10 - 000001381 _____ C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-09-04 19:10 - 2022-09-04 19:10 - 000001275 _____ C:\Users\Enes\Desktop\ESET Online Scanner.lnk
2022-09-04 19:10 - 2022-09-04 19:10 - 000000000 ____D C:\Users\Enes\AppData\Local\ESET
2022-09-04 18:10 - 2022-09-04 18:10 - 000006790 _____ C:\Users\Enes\Desktop\1111111111111111111111.txt
2022-09-04 18:04 - 2022-09-04 19:40 - 000000000 ____D C:\Users\DefaultAppPool
2022-09-04 18:04 - 2022-09-04 18:04 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2022-09-04 18:04 - 2022-09-04 18:04 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Videolarım
2022-09-04 18:04 - 2022-09-04 18:04 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Resimlerim
2022-09-04 18:04 - 2022-09-04 18:04 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Müziğim
2022-09-04 18:04 - 2022-09-04 18:04 - 000000000 _SHDL C:\Users\DefaultAppPool\Belgelerim
2022-09-04 18:04 - 2022-09-04 18:04 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar
2022-09-04 18:04 - 2021-10-31 19:37 - 000000000 ___RD C:\Users\DefaultAppPool\OneDrive
2022-09-04 18:04 - 2021-06-05 15:04 - 000001281 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-09-04 18:04 - 2021-06-05 15:04 - 000000407 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-09-04 18:03 - 2022-09-04 18:03 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-09-04 18:03 - 2022-09-04 18:03 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-04 18:03 - 2022-09-04 18:03 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-04 18:03 - 2022-09-04 18:03 - 000000000 ____D C:\Users\Enes\AppData\Local\mbam
2022-09-04 18:03 - 2022-09-04 18:02 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-09-04 18:03 - 2022-09-04 18:02 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-09-04 18:02 - 2022-09-04 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-04 18:02 - 2022-09-04 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-04 17:46 - 2022-09-04 17:46 - 013884680 _____ (NortonLifeLock Inc.) C:\Users\Enes\Downloads\NPE.exe
2022-09-04 15:16 - 2022-09-04 15:16 - 000000000 ____D C:\Users\Enes\AppData\Local\NBTExplorer
2022-09-04 15:16 - 2022-09-04 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer
2022-09-04 05:04 - 2022-09-04 05:08 - 000000000 ____D C:\Users\Enes\Documents\The Witcher 3 Mod Manager
2022-09-03 08:59 - 2022-09-03 08:59 - 000000000 ____D C:\Users\Enes\MCreatorWorkspaces
2022-09-03 08:37 - 2022-09-03 09:04 - 000000000 ____D C:\Users\Enes\.mcreator
2022-09-03 08:35 - 2022-09-03 08:35 - 000000684 _____ C:\Users\Enes\Desktop\MCreator.lnk
2022-09-03 08:35 - 2022-09-03 08:35 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pylo
2022-09-03 00:47 - 2022-09-03 00:47 - 000000916 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2022-09-03 00:47 - 2022-09-03 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077
2022-09-02 23:08 - 2022-09-02 23:08 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-09-02 23:08 - 2022-09-02 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-09-02 18:55 - 2022-09-02 19:21 - 000000000 ____D C:\Users\Enes\Desktop\DesktopGoose v0.3
2022-09-02 17:43 - 2022-09-02 17:43 - 000000000 ____D C:\Users\Enes\Documents\CyberLink
2022-09-02 17:28 - 2022-09-02 17:28 - 000000000 ____D C:\Users\Enes\AppData\Roaming\CyberLink
2022-09-02 17:27 - 2022-09-02 17:27 - 000003586 _____ C:\Windows\system32\Tasks\CLToast
2022-09-02 17:27 - 2022-09-02 17:27 - 000003412 _____ C:\Windows\system32\Tasks\CLToastRun
2022-09-02 17:27 - 2022-09-02 17:27 - 000001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Notification Center.lnk
2022-09-02 17:27 - 2022-09-02 17:27 - 000001112 _____ C:\Users\Public\Desktop\CyberLink PhotoDirector 365.lnk
2022-09-02 17:27 - 2022-09-02 17:27 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 365.lnk
2022-09-02 17:27 - 2022-09-02 17:27 - 000000000 ____D C:\Users\Enes\AppData\Local\Cyberlink
2022-09-02 17:27 - 2022-09-02 17:27 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2022-09-02 17:27 - 2022-09-02 17:27 - 000000000 ____D C:\Program Files (x86)\CyberLink
2022-09-02 17:23 - 2022-09-02 17:27 - 000000000 ____D C:\ProgramData\CLSK
2022-09-02 17:23 - 2022-09-02 17:23 - 000000000 ____D C:\ProgramData\install_clap
2022-09-02 17:23 - 2022-09-02 17:23 - 000000000 ____D C:\ProgramData\install_backup
2022-09-02 17:21 - 2022-09-02 23:07 - 000000000 ___HD C:\ProgramData\CyberLink
2022-09-02 11:43 - 2022-09-02 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\win-capture-audio
2022-09-02 06:19 - 2022-09-02 06:19 - 000000000 ____D C:\Users\Enes\AppData\Roaming\RapidCRC
2022-09-01 23:52 - 2022-09-01 23:53 - 000000000 ____D C:\Users\Enes\Desktop\Yeni klasör (2)
2022-08-31 07:00 - 2022-08-31 07:00 - 002061336 _____ (Logitech) C:\Windows\system32\logi_audio_hx2e_render_apo.dll
2022-08-31 07:00 - 2022-08-31 07:00 - 001927544 _____ (Logitech) C:\Windows\system32\logi_audio_dts_studio_capture_apo.dll
2022-08-29 06:32 - 2022-09-04 17:45 - 000000000 _____ C:\ProgramData\sldh.dat
2022-08-29 04:04 - 2022-08-29 04:04 - 000000000 ____D C:\Users\Enes\AppData\LocalLow\Hasbro, Inc_
2022-08-29 04:02 - 2022-08-29 04:02 - 000000223 _____ C:\Users\Enes\Desktop\RISK Global Domination.url
2022-08-29 03:41 - 2022-08-29 04:01 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2022-08-29 03:41 - 2022-08-29 03:43 - 000000000 ____D C:\Program Files\AntiCheatExpert
2022-08-29 03:41 - 2022-08-29 03:41 - 002231936 _____ (ANTICHEATEXPERT.COM) C:\Windows\system32\Drivers\ACE-BASE.sys
2022-08-29 03:41 - 2022-08-29 03:41 - 000952960 _____ (ANTICHEATEXPERT.COM) C:\Windows\system32\Drivers\ACE-GAME.sys
2022-08-28 07:08 - 2022-08-28 08:27 - 000000000 ____D C:\ProgramData\EQU8
2022-08-28 07:08 - 2022-08-28 07:08 - 000000000 ____D C:\Users\Enes\AppData\Local\PortalWars
2022-08-27 23:24 - 2022-08-27 23:24 - 000000222 _____ C:\Users\Enes\Desktop\Splitgate.url
2022-08-27 23:20 - 2022-08-27 23:20 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-08-27 23:20 - 2022-08-27 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-08-27 23:20 - 2022-08-27 23:20 - 000000000 ____D C:\Program Files (x86)\Origin
2022-08-27 16:13 - 2022-08-27 16:13 - 000000000 _____ C:\Users\Enes\Desktop\EVENTI KAZANANLAR.txt
2022-08-26 17:22 - 2022-08-26 17:22 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Blender Foundation
2022-08-26 17:21 - 2022-08-26 17:21 - 000000000 ____D C:\Users\Enes\.thumbnails
2022-08-26 17:19 - 2022-08-26 17:19 - 000000601 _____ C:\Users\Enes\Desktop\Blender.lnk
2022-08-26 17:19 - 2022-08-26 17:19 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blender
2022-08-25 16:20 - 2022-08-26 11:10 - 000000679 _____ C:\Users\Enes\Desktop\BUILD ISLANDS GEAR KOD.txt
2022-08-25 15:30 - 2022-08-25 15:30 - 000000848 _____ C:\Users\Enes\Desktop\Music Keeper.lnk
2022-08-25 15:30 - 2022-08-25 15:30 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Keeper
2022-08-25 15:30 - 2022-08-25 15:30 - 000000000 ____D C:\Users\Enes\AppData\Local\MusicKeeper
2022-08-25 15:30 - 2022-08-25 15:30 - 000000000 ____D C:\Program Files (x86)\Music Keeper
2022-08-25 04:43 - 2022-08-25 04:59 - 000000000 ____D C:\Users\Enes\Downloads\Compressed
2022-08-25 04:43 - 2022-08-25 04:43 - 000000000 ____D C:\Users\Enes\Downloads\Video
2022-08-24 18:22 - 2022-08-24 18:22 - 000072344 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2022-08-24 18:22 - 2022-08-24 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2022-08-24 18:22 - 2022-08-24 18:22 - 000000000 ____D C:\Program Files\Java
2022-08-24 18:22 - 2022-08-24 18:22 - 000000000 ____D C:\Program Files\Common Files\Oracle
2022-08-22 04:43 - 2022-08-22 04:43 - 000000000 ____D C:\Users\Enes\AppData\Local\Haze1
2022-08-21 21:46 - 2022-08-21 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2022-08-21 21:42 - 2022-08-21 21:44 - 000000000 ____D C:\ProgramData\chocolatey
2022-08-21 21:42 - 2022-08-21 21:42 - 000000000 ____D C:\Users\Enes\AppData\Local\NuGet
2022-08-21 21:42 - 2022-08-21 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2022-08-21 20:48 - 2022-08-21 20:48 - 000000000 ____D C:\Users\Enes\AppData\Local\checkpoint-nodejs
2022-08-21 20:38 - 2021-06-04 19:20 - 000397312 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DXCpl.exe
2022-08-21 20:38 - 2021-06-04 18:43 - 000353792 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DXCpl.exe
2022-08-21 20:37 - 2022-08-21 20:37 - 000000000 ____D C:\ProgramData\Windows App Certification Kit
2022-08-21 20:37 - 2022-08-21 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2022-08-21 20:37 - 2022-08-21 20:37 - 000000000 ____D C:\Program Files\Application Verifier
2022-08-21 20:37 - 2022-08-21 20:37 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2022-08-21 20:30 - 2022-08-21 21:46 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2022-08-21 20:30 - 2022-08-21 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2022-08-21 20:29 - 2022-08-21 21:57 - 000000000 ____D C:\Users\Enes\.windows-build-tools
2022-08-21 20:29 - 2022-08-21 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2022-08-21 20:29 - 2022-08-21 21:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2022-08-21 20:29 - 2022-08-21 20:29 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Visual Studio Setup
2022-08-21 20:29 - 2022-08-21 20:29 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2022-08-21 19:40 - 2022-08-21 19:40 - 000000000 ____D C:\Users\Enes\AppData\Local\node-gyp
2022-08-21 19:38 - 2022-08-21 19:38 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10
2022-08-21 19:38 - 2022-08-21 19:38 - 000000000 ____D C:\Users\Enes\AppData\Local\Package Cache
2022-08-21 19:26 - 2022-08-21 20:01 - 000000000 ____D C:\Users\Enes\Desktop\Muse
2022-08-21 18:35 - 2022-08-21 21:42 - 000000000 ____D C:\Program Files\nodejs
2022-08-21 08:11 - 2022-08-21 10:37 - 000000862 _____ C:\Users\Enes\Desktop\PLS DONATE KOD.txt
2022-08-19 19:01 - 2022-08-19 19:01 - 000000222 _____ C:\Users\Enes\Desktop\Castle Crashers Demo.url
2022-08-19 16:06 - 2022-08-19 16:06 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2022-08-18 22:40 - 2022-08-18 22:40 - 000000000 ____D C:\Users\Enes\AppData\Local\log
2022-08-18 22:27 - 2022-08-18 22:27 - 016521232 _____ C:\Windows\system32\Drivers\FACEIT.sys
2022-08-18 22:15 - 2022-08-18 22:15 - 000000000 ___HD C:\$WinREAgent
2022-08-18 22:02 - 2022-08-23 04:21 - 000000000 ____D C:\Program Files\FACEIT AC
2022-08-18 22:02 - 2022-08-18 22:02 - 000000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2022-08-18 22:02 - 2022-08-18 22:02 - 000000880 _____ C:\Users\Public\Desktop\FACEIT AC.lnk
2022-08-18 22:02 - 2022-08-18 22:02 - 000000000 ____D C:\Users\Enes\AppData\Local\FACEIT
2022-08-18 02:53 - 2022-08-18 02:53 - 000000000 ____D C:\Users\Enes\AppData\Roaming\JAM Software
2022-08-18 02:34 - 2022-08-18 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
2022-08-18 02:34 - 2022-08-18 02:34 - 000000000 ____D C:\Program Files\JAM Software
2022-08-17 01:28 - 2022-08-17 01:28 - 000000000 ____D C:\Users\Enes\AppData\LocalLow\Beam Team Games
2022-08-15 22:26 - 2022-08-15 22:26 - 000000000 ____D C:\Users\Enes\AppData\Local\CD Projekt Red
2022-08-15 22:25 - 2022-08-30 18:21 - 000000000 ____D C:\Users\Enes\AppData\Local\REDEngine
2022-08-15 15:20 - 2022-08-15 15:42 - 000000000 ____D C:\Users\Enes\AppData\Local\MultiVersus
2022-08-15 14:56 - 2022-08-15 14:56 - 000000223 _____ C:\Users\Enes\Desktop\MultiVersus.url
2022-08-13 20:57 - 2022-08-13 20:58 - 000000000 ____D C:\Users\Enes\AppData\Local\CSO
2022-08-13 20:57 - 2022-08-13 20:57 - 000000000 ____D C:\Users\Enes\Documents\Counter-Strike Nexon Studio
2022-08-13 20:57 - 2022-08-13 20:57 - 000000000 ____D C:\ProgramData\Nexon
2022-08-12 06:59 - 2022-02-28 02:06 - 011197472 _____ (AcClub) C:\Users\Enes\Desktop\AsettoCorsa.exe
2022-08-12 06:57 - 2022-08-13 14:34 - 000000000 ____D C:\Users\Enes\AppData\Local\AcTools Content Manager
2022-08-12 03:09 - 2022-08-12 03:09 - 000000000 ____D C:\Users\Enes\AppData\Local\ATI
2022-08-12 03:07 - 2022-09-04 19:36 - 000003076 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2022-08-12 03:07 - 2022-08-12 03:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-08-12 03:06 - 2022-08-12 03:06 - 000000000 ____D C:\Users\Enes\AppData\LocalLow\AMD
2022-08-12 03:06 - 2022-08-12 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-08-12 03:05 - 2022-08-12 03:07 - 000000000 ____D C:\Windows\system32\AMD
2022-08-12 03:05 - 2022-08-12 03:07 - 000000000 ____D C:\ProgramData\AMD
2022-08-12 03:05 - 2022-08-12 03:06 - 000000000 ____D C:\Program Files\AMD
2022-08-12 03:04 - 2022-08-12 03:04 - 000000000 ____D C:\AMD
2022-08-12 03:03 - 2022-09-04 16:44 - 000000000 ____D C:\Users\Enes\AppData\Local\D3DSCache
2022-08-12 00:52 - 2022-08-12 00:52 - 000000000 ____D C:\Windows\SysWOW64\BestPractices
2022-08-12 00:52 - 2022-08-12 00:52 - 000000000 ____D C:\Windows\system32\BestPractices
2022-08-12 00:52 - 2022-08-12 00:52 - 000000000 ____D C:\inetpub
2022-08-11 23:42 - 2022-08-11 23:42 - 001907756 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-08-11 20:04 - 2022-09-03 18:58 - 000001041 _____ C:\Users\Enes\Desktop\CraftRiseLauncher.exe - Kısayol.lnk
2022-08-11 19:46 - 2022-08-14 08:32 - 000000000 ____D C:\Users\Enes\Documents\Image-Line
2022-08-11 19:09 - 2021-10-05 02:10 - 000000000 ____D C:\Users\Enes\Desktop\LocalCache
2022-08-11 14:07 - 2022-08-11 14:07 - 000000789 _____ C:\Users\Enes\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2022-08-11 14:07 - 2022-08-11 14:07 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2022-08-11 13:55 - 2022-08-11 14:07 - 000000000 ____D C:\Program Files\Image-Line
2022-08-11 13:55 - 2022-08-11 13:55 - 000000585 _____ C:\Users\Enes\Desktop\FL Studio 20.lnk
2022-08-11 13:55 - 2022-08-11 13:55 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2022-08-11 13:55 - 2022-08-11 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2022-08-11 13:55 - 2022-08-11 13:55 - 000000000 ____D C:\Program Files\Common Files\VST2
2022-08-10 15:56 - 2022-08-10 15:56 - 000000000 ____D C:\ProgramData\Manticore Games
2022-08-10 01:13 - 2022-08-10 01:13 - 000335872 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-08-10 01:13 - 2022-08-10 01:13 - 000327680 _____ C:\Windows\system32\pnpdiag.dll
2022-08-10 01:13 - 2022-08-10 01:13 - 000069632 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-08-10 01:13 - 2022-08-10 01:13 - 000041472 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-08-10 01:13 - 2022-08-10 01:13 - 000015026 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-08-09 01:37 - 2022-08-09 01:39 - 000000000 ____D C:\Users\Enes\Documents\Need for Speed Heat
2022-08-08 23:00 - 2022-08-12 02:57 - 000000000 ____D C:\Users\Enes\Desktop\5645443
2022-08-08 18:29 - 2022-08-23 00:40 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2022-08-08 18:29 - 2022-08-08 18:29 - 000000915 _____ C:\Users\Public\Desktop\Need for Speed™ Heat.lnk
2022-08-08 18:29 - 2022-08-08 18:29 - 000000000 ____D C:\ProgramData\Electronic Arts
2022-08-08 15:16 - 2022-08-08 15:16 - 000000000 ____D C:\Users\Enes\AppData\LocalLow\Redbeet Interactive
2022-08-08 06:26 - 2022-08-08 06:26 - 000000000 ____D C:\Users\Enes\AppData\Local\EALaunchHelper
2022-08-08 01:41 - 2022-08-22 03:46 - 000000000 ____D C:\ProgramData\EA Desktop
2022-08-08 01:41 - 2022-08-08 01:41 - 000002138 _____ C:\Users\Public\Desktop\EA.lnk
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\Users\Enes\AppData\Local\Electronic Arts
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\Users\Enes\AppData\Local\EADesktop
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\Users\Enes\AppData\Local\EAConnect_microsoft
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\Program Files\Electronic Arts
2022-08-08 01:41 - 2022-08-08 01:41 - 000000000 ____D C:\Program Files\EA Games
2022-08-07 03:26 - 2022-08-07 03:26 - 000000219 _____ C:\Users\Enes\Desktop\Counter-Strike Global Offensive.url
2022-08-07 03:12 - 2022-08-07 03:12 - 000000222 _____ C:\Users\Enes\Desktop\Raft.url
2022-08-07 02:48 - 2022-08-27 23:24 - 000000000 ____D C:\ProgramData\Origin
2022-08-07 02:48 - 2022-08-27 23:20 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Origin
2022-08-07 02:48 - 2022-08-07 02:48 - 000000000 ____D C:\Users\Enes\.QtWebEngineProcess
2022-08-07 02:48 - 2022-08-07 02:48 - 000000000 ____D C:\Users\Enes\.Origin
2022-08-06 13:34 - 2022-08-06 13:34 - 000001659 _____ C:\Users\Enes\Desktop\DaVinci Resolve.lnk
2022-08-06 13:33 - 2022-08-06 13:34 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2022-08-06 09:23 - 2022-08-06 09:23 - 000000000 ____D C:\Users\Enes\Documents\MGR
2022-08-06 09:23 - 2022-08-06 09:23 - 000000000 ____D C:\ProgramData\Steam
2022-08-06 09:16 - 2022-08-06 09:16 - 000000673 _____ C:\Users\Public\Desktop\METAL GEAR RISING REVENGEANCE.lnk
2022-08-06 09:16 - 2022-08-06 09:16 - 000000673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\METAL GEAR RISING REVENGEANCE.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-04 20:25 - 2021-06-05 15:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-04 20:17 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\SystemTemp
2022-09-04 20:13 - 2021-10-05 01:58 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-04 20:03 - 2021-10-05 01:58 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-04 20:03 - 2021-10-05 01:58 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-04 19:39 - 2021-10-05 02:27 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2022-09-04 19:38 - 2022-01-15 00:59 - 000000000 ____D C:\Users\Enes\AppData\Local\LGHUB
2022-09-04 19:37 - 2022-01-15 00:59 - 000000000 ____D C:\Users\Enes\AppData\Roaming\LGHUB
2022-09-04 19:36 - 2022-03-17 16:10 - 000003102 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2022-09-04 19:36 - 2021-10-05 01:54 - 000000000 ____D C:\Users\Enes
2022-09-04 19:36 - 2021-10-05 01:39 - 000012288 ___SH C:\DumpStack.log.tmp
2022-09-04 19:36 - 2021-10-05 01:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-09-04 19:36 - 2021-10-05 01:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-09-04 19:36 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\ServiceState
2022-09-04 19:10 - 2021-10-05 05:42 - 000000000 ____D C:\Users\Enes\AppData\Roaming\discord
2022-09-04 19:08 - 2022-03-09 07:32 - 000000000 ____D C:\Users\Enes\AppData\Local\Discord
2022-09-04 18:59 - 2021-06-05 15:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-04 18:59 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\AppReadiness
2022-09-04 18:51 - 2021-10-05 01:39 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-04 18:51 - 2021-10-05 01:39 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-04 18:03 - 2021-06-05 15:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-09-04 17:51 - 2022-06-27 18:02 - 000000000 ____D C:\KVRT2020_Data
2022-09-04 17:45 - 2022-06-05 21:59 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2022.lnk
2022-09-04 17:45 - 2022-06-05 21:27 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-09-04 17:45 - 2022-06-05 21:27 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-04 17:45 - 2022-06-05 21:18 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk
2022-09-04 17:45 - 2022-06-05 21:14 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk
2022-09-04 17:45 - 2022-05-06 20:12 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2022-09-04 17:45 - 2022-04-09 02:38 - 000000196 _____ C:\ProgramData\drop_msp2.cfg
2022-09-04 17:45 - 2021-12-24 02:40 - 000000144 _____ C:\ProgramData\profile.rwa
2022-09-04 17:45 - 2021-10-31 19:36 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-09-04 17:45 - 2021-10-30 10:22 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-09-04 17:44 - 2021-10-05 03:40 - 000000000 ____D C:\Users\Enes\AppData\Local\Spotify
2022-09-04 17:44 - 2021-10-05 02:03 - 000000000 ____D C:\ProgramData\Riot Games
2022-09-04 17:42 - 2022-06-05 21:45 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk
2022-09-04 17:42 - 2022-06-05 21:38 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2022-09-04 17:42 - 2022-04-09 05:07 - 000000196 _____ C:\ProgramData\drop_msp22.cfg
2022-09-04 17:42 - 2021-10-05 03:39 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Spotify
2022-09-04 17:41 - 2021-10-05 05:45 - 000000000 ____D C:\Users\Enes\AppData\Local\CrashDumps
2022-09-04 17:39 - 2021-11-28 12:35 - 000000000 ____D C:\Users\Enes\AppData\Roaming\obs-studio
2022-09-04 17:24 - 2022-02-09 17:39 - 000000000 ____D C:\Users\Enes\AppData\Roaming\.minecraft
2022-09-04 09:38 - 2022-02-28 18:45 - 000000000 ____D C:\Users\Enes\AppData\Roaming\.tlauncher
2022-09-04 09:08 - 2021-06-05 15:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-09-04 09:07 - 2021-10-05 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2022-09-04 09:07 - 2021-06-05 15:01 - 000524288 _____ C:\Windows\system32\config\BBI
2022-09-04 08:22 - 2022-06-05 21:32 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk
2022-09-04 08:22 - 2022-02-20 18:33 - 000000016 _____ C:\ProgramData\mntemp
2022-09-04 07:04 - 2022-03-19 03:13 - 000000000 ____D C:\Users\Enes\Documents\The Witcher 3
2022-09-04 03:37 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2022-09-04 03:37 - 2021-06-05 15:01 - 000000000 ____D C:\Windows\CbsTemp
2022-09-04 01:14 - 2021-10-08 06:11 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-09-04 01:14 - 2021-06-05 15:09 - 000000000 ____D C:\Windows\INF
2022-09-03 18:58 - 2022-07-15 15:19 - 000000000 ____D C:\Users\Enes\AppData\Roaming\.craftrise
2022-09-03 17:03 - 2021-12-26 20:38 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Code
2022-09-03 12:02 - 2022-06-11 00:41 - 000000285 _____ C:\Users\Enes\Desktop\Yeni Metin Belgesi.txt
2022-09-03 03:48 - 2021-11-23 07:53 - 000153040 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 002835920 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 000443856 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 000198120 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-09-03 03:48 - 2021-10-05 05:42 - 000067024 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-09-03 00:14 - 2022-02-05 19:05 - 000000000 ____D C:\Users\Enes\AppData\Local\AMD_Common
2022-09-02 23:08 - 2022-01-14 20:29 - 000000000 ____D C:\Program Files\LGHUB
2022-09-02 23:07 - 2022-03-21 15:48 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-09-02 23:07 - 2021-11-03 22:31 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-09-02 17:27 - 2021-10-05 02:48 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-02 11:43 - 2021-11-28 12:35 - 000000000 ____D C:\Program Files\obs-studio
2022-09-01 19:47 - 2022-03-01 19:07 - 000000000 ____D C:\Users\Enes\curseforge
2022-09-01 18:17 - 2021-12-13 07:28 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1079746126-3138819921-2173301284-1001
2022-09-01 18:17 - 2021-10-31 19:37 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-09-01 18:17 - 2021-10-31 19:37 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-01 17:07 - 2022-07-01 17:15 - 000001247 _____ C:\Users\Enes\Desktop\Roblox Studio.lnk
2022-09-01 17:07 - 2021-10-05 18:50 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-08-30 19:34 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\SecurityHealth
2022-08-30 17:08 - 2021-10-05 01:58 - 000003542 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 17:08 - 2021-10-05 01:58 - 000003418 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-29 04:01 - 2022-05-22 04:33 - 000000000 ____D C:\Program Files\Common Files\PUBG
2022-08-29 03:41 - 2021-10-05 02:07 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-29 03:41 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\tracing
2022-08-28 07:08 - 2021-10-05 02:07 - 000000000 ____D C:\Users\Enes\AppData\Local\NVIDIA Corporation
2022-08-27 23:20 - 2022-03-11 00:44 - 000000000 ____D C:\Users\Enes\AppData\Local\Origin
2022-08-27 17:48 - 2021-10-05 01:56 - 000000000 ___RD C:\Users\Enes\OneDrive
2022-08-27 17:07 - 2022-03-01 19:04 - 000000000 ____D C:\Users\Enes\AppData\Local\Overwolf
2022-08-27 16:03 - 2022-07-27 14:26 - 000002420 _____ C:\Users\Enes\Desktop\OBBY CREATOR MUZIK.txt
2022-08-25 21:50 - 2021-10-31 08:19 - 000000000 ____D C:\Users\Enes\Documents\My Games
2022-08-25 15:30 - 2021-10-16 12:11 - 000000000 ____D C:\Users\Enes\AppData\Local\cache
2022-08-24 18:22 - 2021-10-06 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-08-24 17:52 - 2022-03-01 19:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-23 20:35 - 2021-10-16 07:29 - 000007588 _____ C:\Users\Enes\AppData\Local\Resmon.ResmonCfg
2022-08-23 08:46 - 2021-10-05 01:39 - 000003622 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-23 08:46 - 2021-10-05 01:39 - 000003498 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-23 05:43 - 2022-03-09 20:46 - 000000000 ____D C:\Users\Enes\AppData\Roaming\FACEIT
2022-08-22 13:47 - 2021-10-05 18:50 - 000000256 _____ C:\Users\Enes\AppData\LocalLow\rbxcsettings.rbx
2022-08-22 04:43 - 2021-10-05 03:45 - 000000000 ____D C:\Users\Enes\AppData\Local\UnrealEngine
2022-08-21 21:58 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\LiveKernelReports
2022-08-21 21:57 - 2021-12-26 20:17 - 000000000 ____D C:\Users\Enes\AppData\Roaming\npm
2022-08-21 21:46 - 2021-10-05 06:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-08-21 20:38 - 2021-10-22 05:35 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2022-08-21 20:14 - 2021-12-26 21:38 - 000000628 _____ C:\Users\Enes\.node_repl_history
2022-08-19 18:56 - 2022-05-06 20:16 - 000000000 ___RD C:\Users\Enes\Creative Cloud Files
2022-08-19 16:05 - 2022-06-05 21:25 - 000000000 ____D C:\Users\Enes\Desktop\EOyun
2022-08-18 22:02 - 2022-03-09 20:46 - 000002174 _____ C:\Users\Enes\Desktop\FACEIT.lnk
2022-08-18 22:02 - 2022-03-09 20:46 - 000000000 ____D C:\Users\Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2022-08-18 22:02 - 2021-10-05 05:42 - 000000000 ____D C:\Users\Enes\AppData\Local\SquirrelTemp
2022-08-16 07:03 - 2021-12-26 22:34 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2022-08-16 03:00 - 2021-10-05 01:39 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-08-15 15:20 - 2021-12-19 21:47 - 000000000 ____D C:\Users\Enes\AppData\Roaming\EasyAntiCheat
2022-08-15 00:01 - 2022-06-27 17:30 - 000000000 ____D C:\Users\Enes\Desktop\1
2022-08-13 20:08 - 2021-10-05 01:55 - 000000000 ____D C:\Users\Enes\AppData\Local\PlaceholderTileLogoFolder
2022-08-13 20:08 - 2021-10-05 01:54 - 000000000 ____D C:\Users\Enes\AppData\Local\Packages
2022-08-13 20:08 - 2021-10-05 01:54 - 000000000 ____D C:\ProgramData\Packages
2022-08-13 14:32 - 2021-10-29 03:39 - 000000000 ____D C:\Users\Enes\Documents\Assetto Corsa
2022-08-12 03:07 - 2022-02-05 17:27 - 000000000 ____D C:\Users\Enes\AppData\Local\AMD
2022-08-12 03:07 - 2022-02-05 16:42 - 000003488 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2022-08-12 03:06 - 2022-02-05 16:42 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2022-08-12 03:06 - 2022-02-05 16:42 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2022-08-12 00:52 - 2021-06-05 20:50 - 000838878 _____ C:\Windows\system32\perfh01F.dat
2022-08-12 00:52 - 2021-06-05 20:50 - 000197496 _____ C:\Windows\system32\perfc01F.dat
2022-08-12 00:52 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2022-08-12 00:52 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\inetsrv
2022-08-12 00:38 - 2021-10-05 02:26 - 000000000 ____D C:\Program Files\Intel
2022-08-12 00:20 - 2021-10-05 07:36 - 000000000 ____D C:\Users\Enes\AppData\Local\ElevatedDiagnostics
2022-08-12 00:11 - 2021-10-05 02:03 - 000000000 ____D C:\Riot Games
2022-08-12 00:11 - 2021-10-05 02:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2022-08-11 23:42 - 2021-10-05 01:44 - 001952428 _____ C:\Windows\system32\PerfStringBackup.INI
2022-08-11 21:21 - 2021-10-31 19:27 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-11 19:38 - 2022-07-15 15:32 - 000000000 ___HD C:\WindowsProperties
2022-08-11 14:51 - 2022-03-09 07:33 - 000002226 _____ C:\Users\Enes\Desktop\Discord.lnk
2022-08-10 06:27 - 2021-10-05 01:39 - 000495168 _____ C:\Windows\system32\FNTCACHE.DAT
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ___SD C:\Windows\system32\lxss
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\SystemResources
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\Sysprep
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\oobe
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\es-MX
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\system32\Dism
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\ShellExperiences
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\Provisioning
2022-08-10 06:27 - 2021-06-05 15:10 - 000000000 ____D C:\Windows\bcastdvr
2022-08-10 01:13 - 2021-10-05 01:41 - 003103744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-08-10 01:07 - 2021-10-05 03:59 - 000000000 ____D C:\Windows\system32\MRT
2022-08-10 01:05 - 2021-10-05 03:59 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-08 08:06 - 2022-03-09 15:15 - 000000000 ____D C:\Users\Enes\AppData\Local\Ubisoft Game Launcher
2022-08-08 01:26 - 2022-08-03 13:23 - 000003142 _____ C:\Windows\system32\Tasks\GPU Tweak III
2022-08-07 19:53 - 2021-10-05 01:54 - 000000000 ____D C:\Users\Enes\AppData\Local\ConnectedDevicesPlatform
2022-08-06 13:31 - 2022-07-12 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2022-08-06 13:31 - 2022-07-12 16:36 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design

==================== Files in the root of some directories ========

2022-08-29 06:32 - 2022-09-04 17:45 - 000000000 _____ () C:\ProgramData\sldh.dat
2022-01-24 15:18 - 2022-01-24 15:24 - 000000063 _____ () C:\Users\Enes\AppData\Local\Autosofted License.txt
2021-10-23 15:39 - 2022-02-20 10:46 - 000002554 _____ () C:\Users\Enes\AppData\Local\krita-sysinfo.log
2021-10-23 15:39 - 2022-02-20 10:47 - 000003037 _____ () C:\Users\Enes\AppData\Local\krita.log
2022-02-20 10:47 - 2022-02-20 10:47 - 000000039 _____ () C:\Users\Enes\AppData\Local\kritadisplayrc
2021-10-23 15:39 - 2022-02-20 10:47 - 000016882 _____ () C:\Users\Enes\AppData\Local\kritarc
2021-10-16 07:29 - 2022-08-23 20:35 - 000007588 _____ () C:\Users\Enes\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Enes (04-09-2022 21:07:30)
Running from C:\Users\Enes\Downloads
Microsoft Windows 11 Home Version 21H2 22000.856 (X64) (2021-10-04 22:40:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1079746126-3138819921-2173301284-500 - Administrator - Disabled)
Enes (S-1-5-21-1079746126-3138819921-2173301284-1001 - Administrator - Enabled) => C:\Users\Enes
Guest (S-1-5-21-1079746126-3138819921-2173301284-501 - Limited - Disabled)
VarsayılanHesap (S-1-5-21-1079746126-3138819921-2173301284-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1079746126-3138819921-2173301284-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_4) (Version: 22.4 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
Adobe Dimension (HKLM-x32\...\ESHR_3_4_5) (Version: 3.4.5 - Adobe Inc.)
Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_3_1) (Version: 26.3.1 - Adobe Inc.)
Adobe InDesign 2022 (HKLM-x32\...\IDSN_17_2_1) (Version: 17.2.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_5_3) (Version: 5.3 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_3_2) (Version: 23.3.2.458 - Adobe Inc.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_4) (Version: 22.4 - Adobe Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.5.1 - Advanced Micro Devices, Inc.)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 3.1.0 (HKLM\...\Audacity_is1) (Version: 3.1.0 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.4.0.1907 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Blackmagic RAW Common Components (HKLM\...\{EA2A465C-C315-4C71-B3C2-87589F000DFE}) (Version: 2.6 - Blackmagic Design)
blender (HKLM\...\{820DFD48-DAE3-478D-B9BF-2CA912F40742}) (Version: 3.2.2 - Blender Foundation)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 21.07.0005 - Bloody)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
Core Installer (HKLM-x32\...\{469578af-4b42-482f-89a5-26c37d74f162}) (Version: 1.3.0.0 - Manticore Games) Hidden
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
Crysis 3 MULTi8 - ElAmigos 14.03.2021 sürümü (HKLM-x32\...\{B49CAEBF-2E56-4A95-96B7-11E0BBCB45C9}_is1) (Version: 14.03.2021 - EA Games)
CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World)
CurseForge (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.206.2.6004 - Overwolf app)
CyberLink PhotoDirector 13 (HKLM-x32\...\{BD28DD40-B65B-4ED9-9429-ED9DCBCB959C}) (Version: 13.6.2926.0 - CyberLink Corp.)
Cyberpunk 2077 MULTi18 - ElAmigos 1.50 sürümü (HKLM-x32\...\{8A985B76-8BB5-4325-92DB-E3B9F8A62D1F}_is1) (Version: 1.50 - CD PROJEKT RED)
DaVinci Resolve (HKLM\...\{FB7E3D36-D727-40EA-823A-3207802871FE}) (Version: 18.0.10003 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.244.5244 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{efa408bf-495e-44b3-9734-936286364f56}) (Version: 12.0.244.5244 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{4069833E-A559-4B02-BC8E-48E453595CCC}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FACEIT (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\FACEIT) (Version: 1.31.7 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.1 - FACEIT LTD)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
GameMaker Studio 2 (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\GameMakerStudio2) (Version:  - )
Geeks3D FurMark 1.30.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.30.0.0 - Geeks3D)
Git (HKLM\...\Git_is1) (Version: 2.34.1 - The Git Development Community)
God of War MULTi19 - ElAmigos 1.0.1 sürümü (HKLM-x32\...\{E7D0066F-240B-41A8-86EE-4306BE2F4F4A}_is1) (Version: 1.0.1 - PlayStation PC LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.102 - Google LLC)
GPU Tweak III (HKLM-x32\...\{D5133EE3-D0BF-4A88-B8D8-6ED94617CC45}) (Version: 1.5.0.0 - ASUS) Hidden
HeavyLoad V3.7 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.7 - JAM Software)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{783DBEAB-DC48-436C-A8C7-C0E33F240DD4}) (Version: 10.1.18793.8276 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{8fd77154-9595-4dc2-9a8d-145cd53b5105}) (Version: 10.1.18793.8276 - Intel(R) Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java(TM) SE Development Kit 18.0.2.1 (64-bit) (HKLM\...\{F3A2A837-F83B-5732-97F2-309BE0F51E0C}) (Version: 18.0.2.1 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
K-Lite Codec Pack 16.4.6 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.6 - KLCP)
Krita (x64) 4.4.8 (HKLM\...\Krita_x64) (Version: 4.4.8.0 - Krita Foundation)
Kurumlar için Microsoft 365 Uygulamaları - tr-tr (HKLM\...\O365ProPlusRetail - tr-tr) (Version: 16.0.15225.20394 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.8.302942 - Logitech)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version:  - Maxon Computer GmbH)
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Maxon Cinema 4D 25 (HKLM\...\Maxon Cinema 4D R25) (Version: R25 - Maxon)
MCreator 2020.2 (HKLM-x32\...\MCreator) (Version:  - Pylo)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\TUVUQUxHRUFSUklTSU5HUkVWRU5HRUFOQ0U=_is1) (Version: 1 - )
Microsoft .NET Framework 4.6.2 Developer Pack (HKLM-x32\...\{ed7373e5-d579-4663-83e1-28d41ada77fe}) (Version: 4.6.1590 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{5F01B3C4-9BEC-465D-9C68-BB97D381FFAD}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (ENU) (HKLM-x32\...\{C80951BD-6904-474F-BBC5-03A6C777F37C}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{A18D4C2A-07A8-40E4-9797-DD324E6EA4FC}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.27 - Microsoft Corporation)
Microsoft Edge WebView2 Çalışma Zamanı (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.25 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.171.0814.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{15580bf9-74e2-4c18-8140-ae5057c41eff}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{f7aa3388-cbef-449d-b95d-7b9ac1ef971f}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30139 (HKLM\...\{A6BCA173-4218-4099-B36C-E12B3EE27B5D}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30139 (HKLM-x32\...\{3521C75E-6E25-47A6-9831-17EE6AAF01E2}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.63.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.69.53063 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{F1CFD19B-3ED9-4ABC-8BCE-B08B63BA9E12}) (Version: 2.11.65.22356 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{07B8F241-1C3A-46D4-942F-01EA7E66CF68}) (Version: 2.11.65.22356 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 78.11.0 ESR (x86 en-US) (HKLM-x32\...\Mozilla Firefox 78.11.0 ESR (x86 en-US)) (Version: 78.11.0 - Mozilla)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Music Keeper 10.0.0 (HKLM-x32\...\Music Keeper) (Version: 10.0.0 - Ace Thinker)
NBTExplorer (HKLM-x32\...\{DC1E9E1A-86BE-491B-8DF9-A86045902F48}) (Version: 2.8.0.0 - Justin Aquadro)
Need for Speed™ Heat (HKLM-x32\...\{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 - Electronic Arts)
Node.js (HKLM\...\{F55EB18F-3933-4530-90D4-4075D19AF3E7}) (Version: 16.17.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
NVIDIA GeForce NOW 2.0.35.124 (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.35.124 - NVIDIA Corporation)
NVIDIA PhysX Sistem Yazılımı 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20394 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 7.21.0 - LG Electronics Inc)
OpenShot Video Editor 2.6.1 sürümü (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.6.1 - OpenShot Studios, LLC)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{ab7adef0-15c3-4335-9547-c74a9d57155c}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
Pivot Animator v5 version 5.1.22 (HKLM-x32\...\Pivot Animator v5_is1) (Version: 5.1.22 - Motus Software Ltd)
Python 2.7.14 (64-bit) (HKLM\...\{0398A685-FD8D-46B3-9816-C47319B0CF5f}) (Version: 2.7.14150 - Python Software Foundation)
Python 2.7.15 (64-bit) (HKLM\...\{16CD92A4-0152-4CB7-8FD6-9788D3363617}) (Version: 2.7.15150 - Python Software Foundation)
Python 3.10.6 (64-bit) (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\{1fab56ed-b241-47a3-9abc-d51dc01b8dff}) (Version: 3.10.6150.0 - Python Software Foundation)
Python 3.10.6 Core Interpreter (64-bit) (HKLM\...\{C91F8E4B-F9C1-4FD1-BCF3-4A91CDAD4B72}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Development Libraries (64-bit) (HKLM\...\{07CDAC2C-737C-4D8A-AF42-6BCE111699AE}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Documentation (64-bit) (HKLM\...\{4306E3B9-B285-4747-B84D-9FAF08AA412D}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Executables (64-bit) (HKLM\...\{750538B5-3E77-4F94-A64A-D3F09E608CA2}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 pip Bootstrap (64-bit) (HKLM\...\{3983F17E-1088-46F9-BB00-53B888FF3835}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Standard Library (64-bit) (HKLM\...\{C3A057F3-209B-4244-9697-D69031B81AAB}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Tcl/Tk Support (64-bit) (HKLM\...\{A551B92B-102D-45DC-8050-5CE10DE81CD0}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Test Suite (64-bit) (HKLM\...\{1204E654-144E-4FBA-ACA0-558F6E54FC5A}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python 3.10.6 Utility Scripts (64-bit) (HKLM\...\{1D60E386-848D-45D1-BB0A-7E26A3E32011}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{7805B176-9059-45BD-8C4A-5B9EB0C2C387}) (Version: 3.10.7882.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0531.052416 - Razer Inc.)
Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9210.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Red Dead Redemption 2 MULTi13 - ElAmigos version 1311.23 (HKLM-x32\...\{FB7FE500-D70E-46E4-948A-0976F4D20BD2}_is1) (Version: 1311.23 - Rockstar Games)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Roblox Player for Enes (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Enes (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Shadow Warrior 3 (HKLM-x32\...\1650413893_is1) (Version: 1.025 - GOG.com)
Spotify (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Spotify) (Version: 1.1.93.896.g3ae3b4f3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stray MULTi16 - ElAmigos 1.2.210 sürümü (HKLM-x32\...\{D7A65100-16CE-4AD5-86C7-08A24D442865}_is1) (Version: 1.2.210 - Annapurna Interactive)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.841 - TLauncher Inc.)
Tomb Raider 2013 Türkçe Yama v1.00 (HKLM-x32\...\Tomb Raider 2013 TR) (Version: 1.00 - OyunCeviri.com)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.0.10655 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{FEB1CF24-B1FA-4D99-B0C4-5DD502CB92F2}) (Version: 1.2.0.0 - Epic Games, Inc.) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
vcpp_crt.redist.clickonce (HKLM-x32\...\{3C4EA300-76C6-4E88-BA50-43F7DD866235}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DBAD7CE8-2580-429F-BA98-23DE1C083283}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Visual Studio Derleme Araçları 2017 (HKLM-x32\...\e1895caf) (Version: 15.9.50 - Microsoft Corporation)
Visual Studio Derleme Araçları 2019 (HKLM-x32\...\e91c3936) (Version: 16.11.18 - Microsoft Corporation)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.34.2.0 - Voicemod S.L.)
vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
win-capture-audio version 2.2.3 (HKLM-x32\...\{406FD363-BC38-47EE-AF53-7F6FB4D56ECE}_is1) (Version: 2.2.3 - bozbez)
Windows 11 Kurulum Asistanı (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation)
Windows App Certification Kit Native Components (HKLM\...\{398B9866-66DD-753F-761B-E74A270435CC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{4FC3E9F0-8B10-DBFB-EA4B-FCA87274FC59}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{7718961C-5622-0714-906E-89E9751FA8F4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{EC74C9E5-A88F-D4DF-1DD0-FA42FFBB298D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{942262C5-DA88-830D-7140-C5BCC896DD60}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{110B5402-97D4-DDA2-7B42-665D8325A44F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{AC8F20B3-36BB-DE22-CA37-43BC967B3F47}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{B38CF8FF-C0D9-B11D-6484-B95A81C72DDC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{6FF4EDB8-56EA-640C-47CA-54C845F7D273}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{ED060DBD-1A21-7554-F2E1-06A0EE45900D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{EA15DC17-4379-6850-16FA-D6527641A8DD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{BFC2CA21-326B-90D1-B0E5-F1327411D4A5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{441FA049-A2AB-7E8D-375D-5C9720CD3325}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{492AAE4A-619E-64BF-6173-DB4E25D67533}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{C971A14A-F045-BD6A-C670-05C7B74A37FE}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{323350A8-D3DC-2F8C-2976-E59E2C132B74}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{51ACC3C5-D131-0916-3F0C-59455F32E6B0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{AE5CE40F-6C6D-C95F-FD37-D9EF7093CA99}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{D5B8B2F7-680B-B6D4-6353-377C73C0F8A8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{9D5486B4-7458-1A53-E92F-8CFD4AF85D4B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{8308EFA9-D647-6BF4-6525-349091FBD528}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{F770E8F3-139B-0373-8692-BF619445B8C2}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{90B0B603-7728-F869-3927-73232379BA5B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{F84F82F2-4D6F-7EE7-A5EC-C57ECBAB3513}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{2DD06060-C61D-7C3A-AA55-6E3FD9493D61}) (Version: 10.1.17763.132 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{CA7A8A65-AB2E-43AA-4110-10C50115E211}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{1B278824-7541-EA8F-FFA1-8B73EC7146D5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{36AA7E63-76E9-E591-C985-272415268810}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{929C5E30-584A-9E44-2C03-08AA27927317}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{785711EA-DD49-D232-BB29-D48350CC458F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{DAED8629-A799-B67F-9751-F3A1C60EE335}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A128C4CE-88C8-8BDF-FBE9-A517979E0BDD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{BA610F2C-C1FA-0A65-2B4D-8272223AC061}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{9A0DC6A1-E91D-EB94-FB4D-41DDDE8A225D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FBA500B3-235D-41E5-D748-F9FFD2C881FD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{C1C8121A-6BDE-478E-3685-C09F9287D6F0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{70DB40AD-109B-C0CB-9DBF-8B1EDAEBFF61}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{58770E7F-37C0-70F9-6CBF-2B18503B0EE0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{36EF257E-21D5-44F7-8451-07923A8C465E}) (Version: 5.10.16 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{A8B548F5-D495-BB71-F673-2D48FD7E764C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{F57D8118-1428-ECB8-0729-A577A9A1DEA8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinMerge 2.16.14.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.14.0 - Thingamahoochie Software)
WinMerge 2.16.16.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.16.0 - Thingamahoochie Software)
WinRAR 6.11 (64 bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-07-24] (Adobe Systems Incorporated)
Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2022-07-24] (0)
Adobe Lightroom -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeLightroom_5.4.21325.0_x64__ynb6jyjzte8ga [2022-08-13] (Adobe Inc.)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-05-06] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_51.0.12.6_x64__pc75e8sa7ep4e [2022-06-05] (Adobe Inc.)
AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.22.20002.0_x64__0a9344xs7nr4m [2022-08-12] (Advanced Micro Devices Inc.)
Aragami 2 -> C:\Program Files\WindowsApps\34421DavidLen.Aragami2_1.0.28649.0_x64__ad789ek20a95w [2021-12-18] (0)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.4.5.0_neutral__yxz26nhyzhsrt [2022-08-05] (Microsoft Corp.)
CrystalDiskMark -> C:\Program Files\WindowsApps\45313CrystalDewWorld.CrystalDiskMark5_8.0.11.0_x64__kfjz01bcdaj9c [2022-07-20] (Crystal Dew World)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.14.67.0_x64__rz1tebttyb220 [2022-09-02] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2022.3.2.0_x64__t5j2fzbtdg37r [2022-08-22] (DTS, Inc.)
Fotoğraflar Eklentisi -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Corporation)
Fotoğraflar Medya Altyapısı Eklentisi -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-30] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-08-02] (Microsoft Studios) [MS Ad]
Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_10.2.3.0_x64__crhqpqs3x1ygc [2022-08-02] (PicsArt Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.271.0_x64__dt26b99r8h8gj [2022-05-31] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.536.458.0_x86__55nm5eh3cm0pr [2022-07-29] (ROBLOX Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-03-22] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{04271989-C4D2-6475-550D-57335FA53EB7} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F653BD9B5DAE} -> [Creative Cloud Files] => C:\Users\Enes\Creative Cloud Files [2022-05-06 20:16]
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Enes\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-09-26] (Notepad++ -> )
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.171.0814.0003\FileSyncShell64.dll [2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-05-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-04] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => c:\windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => c:\windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => c:\windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Enes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Flameerr - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2022-09-02 23:08 - 2022-08-31 07:01 - 000151040 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\tr_tr\AcroTray.tur
2022-04-28 03:26 - 2022-04-28 03:26 - 018143744 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\avcodec-58.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2022-04-07 10:02 - 2022-04-07 10:02 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\tr_tr\Acrobat Elements\ContextMenuShim64.tur
2022-04-28 03:25 - 2022-04-28 03:25 - 001751552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2021-10-13 21:36 - 2022-07-15 17:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-27 23:20 - 2022-08-27 23:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:48 - 2021-04-21 03:48 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\drop_msp2.cfg:54F24BC993 [3442]
AlternateDataStreams: C:\ProgramData\drop_msp22.cfg:D133393261 [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\profile.rwa:455F729C14 [3442]
AlternateDataStreams: C:\ProgramData\sldh.dat:136096DD5B [3442]
AlternateDataStreams: C:\ProgramData\sldh.dat:F3D162C601 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2022.lnk:F7B133A22A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2022.lnk:0BBB729577 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2022.lnk:79AC8C9738 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk:BCD3E320D4 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2022.lnk:C56174E6CE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WolfTeam Turkiye.lnk:AB14900D6D [10]
AlternateDataStreams: C:\Users\Enes\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Enes\Desktop\Adobe After Effects 2022.lnk:F7B133A22A [3314]
AlternateDataStreams: C:\Users\Enes\Desktop\Adobe Illustrator 2022.lnk:0BBB729577 [3314]
AlternateDataStreams: C:\Users\Enes\Desktop\Adobe Premiere Pro 2022.lnk:C56174E6CE [3314]
AlternateDataStreams: C:\Users\Enes\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => " "="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yandex.com.tr/?win=531&clid=2226668
SearchScopes: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001 -> DefaultScope 6a9034da-9969-11ec-bfe3-2cf05d96a946 URL = hxxps://yandex.com.tr/search/?win=531&clid=2226669&text={searchTerms}
SearchScopes: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001 -> 6a9034da-9969-11ec-bfe3-2cf05d96a946 URL = hxxps://yandex.com.tr/search/?win=531&clid=2226669&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-05-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\sharepoint.com -> hxxps://aofanadoluedu-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 15:08 - 2021-12-26 22:35 - 000001058 _____ C:\Windows\system32\drivers\etc\hosts
192.168.0.16 host.docker.internal
192.168.0.16 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal

2021-12-26 22:35 - 2021-12-29 16:26 - 000000436 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.22.64.1 Hitokiri.mshome.net # 2026 12 1 28 13 26 37 594

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\program files (x86)\common files\intel\shared libraries\redist\intel64\compiler;c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\microsoft vs code\bin;c:\program files\git\cmd;c:\program files\nvidia corporation\nvidia nvdlisr;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Enes\Pictures\R6_live_Y5S2_IMG_Teaser.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "YandexDisk2"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "FACEIT"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-1079746126-3138819921-2173301284-1001\...\StartupApproved\Run: => "IDMan"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D00863AE-A99C-46EE-B92B-83EC7ABFC30C}C:\users\enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\enes\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DD89931A-07EC-41E6-9219-5377762F5A88}C:\users\enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\enes\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{76B375B7-78B6-4245-8A14-74EA2990E9E3}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{7FD7B376-46E2-4DBF-AD61-748F27F3A4E5}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{9362CE96-E9A4-4FCE-8B43-872CCAADA243}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DFA7BBC7-D39A-4C97-A107-E67C4FD3158B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{77D1E831-D45D-42E8-B203-B00D44B69B1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F6C114BE-FFF7-481D-8221-627BFA271C8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{44861CF8-1D51-43C6-94E3-764AB8DFA4FC}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\GTAIV\gta4Browser.exe => No File
FirewallRules: [{4B439306-9DB1-4095-94AF-25971663BA04}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\GTAIV\gtaEncoder.exe => No File
FirewallRules: [{7E4A8ACD-585B-41CA-B537-74CD10E11B61}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\GTAIV\GTAIV.exe => No File
FirewallRules: [{04B808F4-C5A5-489B-8393-DFFFB107DA9F}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\GTAIV\LaunchGTAIV.exe => No File
FirewallRules: [{6F63E10E-0C38-43BD-A77F-96406B2C8194}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\EFLC\EFLC.exe => No File
FirewallRules: [{51A3BDF7-D7D0-470F-A5D8-A24E722C8BF1}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\EFLC\gta4Browser.exe => No File
FirewallRules: [{E8075DCC-75AA-4E29-B976-5B629FC9714E}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\EFLC\gtaEncoder.exe => No File
FirewallRules: [{0EF7A7A8-3B4F-41DC-91C5-19996B0D2453}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV - Complete Edition\EFLC\LaunchEFLC.exe => No File
FirewallRules: [TCP Query User{EB721012-D840-4986-8DFF-7F3B2CEA4683}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Block) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [UDP Query User{1B9015A2-162F-49A6-976A-EC2383FAEA78}D:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Block) D:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [TCP Query User{74432D4B-5195-4396-9C92-A44C76CF4B33}C:\users\enes\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Block) C:\users\enes\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{19F48530-AEC6-41CC-B01C-6381B8549358}C:\users\enes\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Block) C:\users\enes\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4EE92A29-D627-4A01-8FDA-275B62922FDE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B62CFBA8-3C75-42A6-A24E-80B66D3BB96D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E19EC1C5-2856-4ACB-85FE-C1C62030618D}] => (Block) D:\Program Files (x86)\Activision\Spider-Man(TM) - Shattered Dimensions\Game.exe => No File
FirewallRules: [{07DC4DA1-43A2-4F7B-B9F0-17FD56175B3B}] => (Block) D:\Program Files (x86)\Activision\Spider-Man(TM) - Shattered Dimensions\Launcher.exe => No File
FirewallRules: [{2FC173D5-F70A-449D-A17B-590E38F9B5FD}] => (Block) D:\Program Files (x86)\Activision\Spider-Man(TM) - Shattered Dimensions\Launcher_MC.exe => No File
FirewallRules: [TCP Query User{5747CCF4-F714-46A3-A73E-8027E13EBA40}C:\gog games\ruined king\ruinedking.exe] => (Block) C:\gog games\ruined king\ruinedking.exe => No File
FirewallRules: [UDP Query User{1B69CF51-4241-4B4A-B0C0-8A8E37CE9483}C:\gog games\ruined king\ruinedking.exe] => (Block) C:\gog games\ruined king\ruinedking.exe => No File
FirewallRules: [{CC49970C-04F3-42B1-8543-DE5ED5C5429E}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{D47FEEF0-6016-41B3-872F-F5C190EA34A9}] => (Allow) D:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{E3B8CC79-D3F1-4DD9-83FF-D313D3FB10DA}D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe] => (Block) D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [File not signed]
FirewallRules: [UDP Query User{ADB487C5-5FDF-466F-ABD7-87F74ADB21FD}D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe] => (Block) D:\steamlibrary\steamapps\common\don't starve together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [File not signed]
FirewallRules: [TCP Query User{69975C0A-B9A4-4CC4-AF3C-BE4B718D7ADB}C:\program files\epic games\neonabyss\neonabyss.exe] => (Block) C:\program files\epic games\neonabyss\neonabyss.exe => No File
FirewallRules: [UDP Query User{2B92467B-66BD-4EC6-8902-2A86481393DE}C:\program files\epic games\neonabyss\neonabyss.exe] => (Block) C:\program files\epic games\neonabyss\neonabyss.exe => No File
FirewallRules: [{8E2F851E-3822-4271-B7E7-68231331ADA8}] => (Block) D:\Program Files (x86)\Electronic Arts\Need For Speed - Hot Pursuit\NFS11.exe => No File
FirewallRules: [{190719B2-4678-499B-BBAE-FC5B8B157EE5}] => (Allow) C:\Users\Enes\AppData\Roaming\Wooduan\SSJJ-tk\WDlauncher.exe => No File
FirewallRules: [{4601838C-0AF1-4F22-9E68-966A138838A9}] => (Allow) C:\Users\Enes\AppData\Roaming\Wooduan\SSJJ-tk\WDlauncher.exe => No File
FirewallRules: [TCP Query User{9ADEB98B-29B3-47C9-8411-C9436B6C48F6}C:\joygame\wolfteam turkiye\wolfteam.bin] => (Block) C:\joygame\wolfteam turkiye\wolfteam.bin => No File
FirewallRules: [UDP Query User{33E1628C-859D-438D-94AE-7348A86C0166}C:\joygame\wolfteam turkiye\wolfteam.bin] => (Block) C:\joygame\wolfteam turkiye\wolfteam.bin => No File
FirewallRules: [{EF6117DD-B7C4-4BC3-A2FE-FE5021F767EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [{7658CAA0-9B12-461E-87DF-8EFB5A2E4C22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [File not signed]
FirewallRules: [TCP Query User{B9729EFA-AED0-4670-B132-F18B9B870849}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Block) C:\program files\docker\docker\resources\com.docker.backend.exe => No File
FirewallRules: [UDP Query User{3DD88A23-0585-4E40-AAEC-AD6D884CDFB1}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Block) C:\program files\docker\docker\resources\com.docker.backend.exe => No File
FirewallRules: [TCP Query User{C6DC1865-1B92-42BE-BDD9-FF9A3B12A48D}C:\users\enes\appdata\local\turbo.net\sandbox\1.0.0.0\local\stubexe\0xdb2693216f17e54c\chrome.exe] => (Block) C:\users\enes\appdata\local\turbo.net\sandbox\1.0.0.0\local\stubexe\0xdb2693216f17e54c\chrome.exe => No File
FirewallRules: [UDP Query User{2B75A568-8622-41C1-AF2B-4575EEFC9BA8}C:\users\enes\appdata\local\turbo.net\sandbox\1.0.0.0\local\stubexe\0xdb2693216f17e54c\chrome.exe] => (Block) C:\users\enes\appdata\local\turbo.net\sandbox\1.0.0.0\local\stubexe\0xdb2693216f17e54c\chrome.exe => No File
FirewallRules: [{9C6D1255-1831-44C2-A4AD-E3DB339B3738}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{7171E213-AA9B-4526-9271-DE3CEB564B39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{15443E21-DAEF-4089-97C3-5B1161AE3622}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{E557578E-0F41-431E-ADEF-2CFF7FA70389}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{AF127176-E307-4F48-98B6-F71FE2C1EF59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDraceNetwork\ddnet\DDNet.exe () [File not signed]
FirewallRules: [{ABD10E1D-9765-4F8F-A5CF-6B2782E51485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDraceNetwork\ddnet\DDNet.exe () [File not signed]
FirewallRules: [{1E6CF505-8E18-47D5-A1F3-9E1DD236E67B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MakerKing\MakerKing.exe () [File not signed]
FirewallRules: [{30EFCFF1-CEED-4A91-89D1-E695B91A8F3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MakerKing\MakerKing.exe () [File not signed]
FirewallRules: [TCP Query User{27DCEF4D-44E6-4BC5-A4B3-884AF9EF2716}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1EED6656-1073-4B62-9DF5-A560C00453E6}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CB009392-4F3D-46D5-B43A-FE671EC7ACDB}E:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Block) E:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D7E23EAE-8440-473A-9531-11149AC702CB}E:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Block) E:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{F8FFB767-3473-4075-AF0B-D0C6537E8789}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{048AC9AD-0E17-45F3-BAA2-7460D275DDBA}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{F02F26D2-E0E6-4678-9808-66AC2AE1460D}C:\users\enes\appdata\local\discord\app-1.0.9003\discord.exe] => (Block) C:\users\enes\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [UDP Query User{4362D934-28F6-4C6A-B210-4044B566B5CB}C:\users\enes\appdata\local\discord\app-1.0.9003\discord.exe] => (Block) C:\users\enes\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [{5BB77DC0-E4E9-4C3E-AB48-323434CF0371}] => (Allow) C:\Users\Enes\AppData\Local\Programs\Opera\83.0.4254.54\opera.exe => No File
FirewallRules: [TCP Query User{EAACDDCA-4E55-4D80-8A2C-A168F89AEDA7}C:\users\enes\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{C776C6F3-6020-4250-BCB7-6E68857D64C5}C:\users\enes\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{E1B9A2CB-5FF7-4C51-8036-B9B45AC4FA92}C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-beta\wındows\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-beta\wındows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{96BB9ECF-66FB-4921-B4D2-19DC382DE76B}C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-beta\wındows\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-beta\wındows\java-runtime-beta\bin\javaw.exe
FirewallRules: [{2B3113E4-ED58-4F8C-B52C-75C895DFAEA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1A79048-CF9E-46DF-98F3-8759C479CD94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{37715AE1-216E-4EEB-A914-33A1F3E7B1BC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1074BBFC-99C5-4018-A15A-1CB244DB6AEA}] => (Allow) E:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe => No File
FirewallRules: [{5963B6F5-85B6-44FD-990A-34EDA9D86471}] => (Allow) E:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe => No File
FirewallRules: [{615FDBBC-B7B0-4FD8-92E6-87CF4A163691}] => (Allow) E:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{D37CA07D-CE9D-41C8-982A-5FBBCBF5E9ED}] => (Allow) E:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{CB1466C6-743C-45DC-A5E2-66297F336685}] => (Allow) E:\SteamLibrary\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{21D22712-5968-4149-B1AD-108231DCA7E8}] => (Allow) E:\SteamLibrary\steamapps\common\Muck\Muck.exe () [File not signed]
FirewallRules: [{29AE03A1-162E-4DD2-B943-1AFBA2B8CA96}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{9A095329-52B4-45F1-92E7-67C9A491FD07}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{F6B0344B-D5C0-4AB6-B31D-DAC246E62C0D}] => (Block) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{D6D662A3-4959-4DAE-B535-3E2F10DDD456}] => (Block) %SystemDrive%\Games\Sekiro Shadows Die Twice GOTY Edition\sekiro.exe => No File
FirewallRules: [{6D44C4F0-870D-4A06-844F-79A47099A645}] => (Block) %SystemDrive%\Games\Sekiro Shadows Die Twice GOTY Edition\sekiro.exe => No File
FirewallRules: [{8256B73A-B335-49CF-8DB4-A41BEEF99B3E}] => (Block) %SystemDrive%\Games\Sekiro Shadows Die Twice GOTY Edition\sekiro.exe => No File
FirewallRules: [TCP Query User{E97E3847-37C5-4EE7-B440-2ADD99571FC3}C:\users\enes\appdata\roaming\.minecraft\runtime\jre-legacy\wındows\jre-legacy\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\jre-legacy\wındows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{37E4D84A-E857-41DE-A150-0680F52F5E99}C:\users\enes\appdata\roaming\.minecraft\runtime\jre-legacy\wındows\jre-legacy\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\jre-legacy\wındows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{23DC9049-2E50-4661-91D0-0374A1524345}E:\program files\epic games\amongus\among us.exe] => (Allow) E:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [UDP Query User{91BAFD3B-8FD3-404F-BAEE-027CEC824E96}E:\program files\epic games\amongus\among us.exe] => (Allow) E:\program files\epic games\amongus\among us.exe () [File not signed]
FirewallRules: [TCP Query User{2B0B7B61-606E-4205-9D50-D9390C8B3BFE}C:\users\enes\runtime\so-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\users\enes\runtime\so-x64\1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6542547C-948C-4A43-AE1A-D0CF8A85AB40}C:\users\enes\runtime\so-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\users\enes\runtime\so-x64\1.8.0_51\bin\javaw.exe => No File
FirewallRules: [TCP Query User{3C5A064D-BC0E-42C4-ABAA-E96447B563D2}C:\users\enes\appdata\local\faceit\app-1.31.5\faceit.exe] => (Allow) C:\users\enes\appdata\local\faceit\app-1.31.5\faceit.exe => No File
FirewallRules: [UDP Query User{56846837-30D1-41D9-BB1E-5890EEC73535}C:\users\enes\appdata\local\faceit\app-1.31.5\faceit.exe] => (Allow) C:\users\enes\appdata\local\faceit\app-1.31.5\faceit.exe => No File
FirewallRules: [TCP Query User{06087FAA-088E-4EB3-AAC7-63AA371DA533}E:\games\assassins creed ii\assassinscreediigame.exe] => (Block) E:\games\assassins creed ii\assassinscreediigame.exe => No File
FirewallRules: [UDP Query User{29F33972-978F-409F-832A-98E5A57EC185}E:\games\assassins creed ii\assassinscreediigame.exe] => (Block) E:\games\assassins creed ii\assassinscreediigame.exe => No File
FirewallRules: [{50CFE322-9C74-4171-82D6-446E313A25D4}] => (Block) %SystemDrive%\Games\Need for Speed Heat\NeedForSpeedHeat.exe => No File
FirewallRules: [{329EE01D-B3C4-4833-9DC9-D6BB3957417B}] => (Allow) E:\SteamLibrary\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe () [File not signed]
FirewallRules: [{21F38FE2-B4E5-4A88-AB08-566C34B4AAC1}] => (Allow) E:\SteamLibrary\steamapps\common\Ultimate Custom Night\Ultimate Custom Night.exe () [File not signed]
FirewallRules: [TCP Query User{E966B2B3-CB62-43AC-87AF-2ADB83D01105}E:\games\crysis 2\bin32\crysis2.exe] => (Block) E:\games\crysis 2\bin32\crysis2.exe => No File
FirewallRules: [UDP Query User{22C2223A-B143-4837-800D-6B843ABD722B}E:\games\crysis 2\bin32\crysis2.exe] => (Block) E:\games\crysis 2\bin32\crysis2.exe => No File
FirewallRules: [{60BA9F7F-CC42-42C8-8CAF-154D17625E15}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BDC09808-B8C0-460A-A174-36D7419F9215}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{FF926575-4482-46E5-AB78-92596E2860A0}] => (Allow) E:\SteamLibrary\steamapps\common\Super Auto Pets\Super Auto Pets.exe () [File not signed]
FirewallRules: [{3EA7BB60-4FC7-4426-8BF7-61B867FF64EF}] => (Allow) E:\SteamLibrary\steamapps\common\Super Auto Pets\Super Auto Pets.exe () [File not signed]
FirewallRules: [TCP Query User{68DE5F7A-AD6A-49CC-9F6B-A5F1D43DC11E}C:\users\enes\runtime\so-x64\465d7906386d62ec65ab1a91a881655f769e8e29\bin\javaw.exe] => (Block) C:\users\enes\runtime\so-x64\465d7906386d62ec65ab1a91a881655f769e8e29\bin\javaw.exe => No File
FirewallRules: [UDP Query User{3C748D28-541D-4369-A9B8-0F5C05EBB2D1}C:\users\enes\runtime\so-x64\465d7906386d62ec65ab1a91a881655f769e8e29\bin\javaw.exe] => (Block) C:\users\enes\runtime\so-x64\465d7906386d62ec65ab1a91a881655f769e8e29\bin\javaw.exe => No File
FirewallRules: [{CDC606AD-3A9B-4E45-9E0F-02C0DFC94AB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{291D3909-87BB-4731-91E3-3715842A7E6A}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{F77832B7-1DCB-4782-94DE-0E6DD0427AB7}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [UDP Query User{469A24CA-A383-4D2C-ADCD-C48E60430B0A}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{93DD0A0C-A227-40B4-AA64-3F44835A3023}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{0434642C-6BF5-43DB-8538-F0985ED4538C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{160DC996-73AA-4DE5-A4F7-78BAA746007D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{E8B3483A-753F-4521-A76B-ABFF3DBDB905}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{45FC4ED0-A249-4705-80D3-F89F49ECD788}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{6B5CFF20-40B3-407F-9E9A-D45764BC79A5}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{82BA3E6F-0003-4334-92AF-9C2DB8A4CA71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{5D68B631-FA46-4912-8083-9ED0E8893ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{EEC66742-F3BE-4E4B-B52C-CDFFD41449A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{DC55D70A-6032-44EA-B962-A0E166A580D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [File not signed]
FirewallRules: [{3169AD48-ADF7-4ACE-A307-0C4814E20F6C}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{F47CD6D0-5E30-4A4B-88DF-88C9780A4EA6}] => (Allow) E:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{A82416CB-D2B0-4E34-A38A-269622029ABC}] => (Allow) E:\SteamLibrary\steamapps\common\tModLoader\tModLoader.exe => No File
FirewallRules: [{6DF13A7A-D7E3-425D-99FD-65156098A5E1}] => (Allow) E:\SteamLibrary\steamapps\common\tModLoader\tModLoader.exe => No File
FirewallRules: [TCP Query User{4A09BE25-8544-4E52-8846-F0DAC77F6586}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Block) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{6B478890-7192-4379-98BC-CBE8D97EBA0C}E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Block) E:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{9F645A35-156D-4B2B-B518-3AB3B891BB73}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [UDP Query User{081653AF-C26E-42E7-A5DA-6C0324E5D624}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [{FF09929C-87A0-4DFD-9386-2E7B39622A04}] => (Allow) E:\Emre\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{45A7CBC2-C2E7-46E8-91D7-D9CA1BC24E4F}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{46295963-2147-40AB-9368-C76F13AA8040}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{803BB4FF-765F-4105-9653-4C26A81CF277}E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe] => (Allow) E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [UDP Query User{BC7D27AC-67A6-42D6-923A-3FD8ECDBC292}E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe] => (Allow) E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [{DEFF6D31-887C-48E6-8CD2-DD3A7DABAA5B}] => (Block) E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [{0D23AE44-91C2-4DE9-AE74-2FB26FDA9F81}] => (Block) E:\steamlibrary\steamapps\common\tmodloader\dotnet\6.0.0\dotnet.exe (.NET -> Microsoft Corporation)
FirewallRules: [{E93A4527-05A7-4916-A560-2A888285F704}] => (Allow) E:\SteamLibrary\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{B1CBFDAC-330D-4541-893A-73377AB8D38E}] => (Allow) E:\SteamLibrary\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{38B0C667-AAEA-4463-9CB6-E409CE60C326}] => (Allow) E:\SteamLibrary\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{5A9AF751-EA57-4C05-B686-D00D0B3F0B66}] => (Allow) E:\SteamLibrary\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [TCP Query User{88D22CEA-9B38-4971-9F4B-619193099B4B}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Block) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{C84D11BD-F925-4485-A683-2B89B768D3CE}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Block) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{944B5F22-7E07-49C3-A087-C18F4A554E85}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{81183F13-93BF-4E6B-9327-655FADD285C5}] => (Allow) E:\SteamLibrary\steamapps\common\worldbox\worldbox.exe () [File not signed]
FirewallRules: [{05D1D343-BDC7-414A-B3AF-400FA6F601F3}] => (Allow) E:\SteamLibrary\steamapps\common\worldbox\worldbox.exe () [File not signed]
FirewallRules: [TCP Query User{5FC25A30-0385-4EFE-8197-789C849A43F9}E:\emre\resolve.exe] => (Allow) E:\emre\resolve.exe => No File
FirewallRules: [UDP Query User{0D430A93-B1D4-4EFD-A3DE-95531660A129}E:\emre\resolve.exe] => (Allow) E:\emre\resolve.exe => No File
FirewallRules: [TCP Query User{D07C9605-BFA9-4953-9BC2-EF049800AE9D}E:\emre\fuscript.exe] => (Block) E:\emre\fuscript.exe => No File
FirewallRules: [UDP Query User{4A440771-81AA-4797-920F-D4283FA5DA27}E:\emre\fuscript.exe] => (Block) E:\emre\fuscript.exe => No File
FirewallRules: [{F6E09E8F-2D51-4C64-AA1E-EA1C3C1B216E}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{B04360D7-885D-478B-9713-990E217DE6EB}] => (Allow) E:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{977618DB-0A58-4780-A192-8F2AC220FE17}C:\users\enes\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\enes\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [UDP Query User{B494A0ED-BDC3-46E8-91BF-3C0A430D967F}C:\users\enes\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\enes\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{AF0394F9-F8A7-43F4-8E0A-4B929309B450}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{D67E62E0-8370-4646-9F52-56D7881055A1}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{111A2DD8-DDB0-4321-A3CA-1AE3E18F4AF3}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{F8A298EE-568A-4A82-8F1C-755B0C183950}C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-gamma\wındows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-gamma\wındows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{BC820A79-CDF1-4E0A-8741-F7918B0F4ECF}C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-gamma\wındows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\enes\appdata\roaming\.minecraft\runtime\java-runtime-gamma\wındows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{26E9ABBC-822F-4E27-846C-C6DAB033BD42}] => (Block) E:\Games\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{E10E66FC-A70F-4B65-A303-9A55A64C280A}] => (Block) E:\Games\NieR Replicant ver 1.22474487139\NieR Replicant ver.1.22474487139.exe => No File
FirewallRules: [{BFDB182D-A099-43A3-B308-5E0B5D04B9C7}] => (Block) E:\Games\Stray\Stray.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2D333E2A-31FE-4DE8-805D-F0DC72B17EFF}] => (Block) E:\Program Files (x86)\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe () [File not signed]
FirewallRules: [{547513E3-51AD-4156-8C49-48D4F7E91FDB}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{4608571F-60BE-47D0-8B13-D19285A87582}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1C721485-21FE-41F7-B5B7-BE59A80A5988}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{68B9C67F-94B0-41B9-A93B-33A9BA058FFD}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C2C1B53A-20F7-45E2-86BD-E390A06E2F38}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4709BC66-63FA-4C66-A3F2-620EA23B3064}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4F8063B2-AD0A-4D63-B0C7-3BDA2A14D1C4}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{94B4F30C-47F0-4443-ABE0-4BC043B0246F}] => (Allow) E:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{6A77A9FF-10A4-4C20-9B9B-10715D308BBD}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{C85ABE05-6552-478A-BDB1-74F70281A4B3}E:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) E:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{6C84EE73-8949-49F1-8D5B-E10A2427D9CC}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{B6BD945A-31C0-497F-A9FC-7C251BFC1494}E:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) E:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6E302A33-F8EF-4A04-BA5C-70051017CC7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{D8F3E71E-B9AE-4037-99A1-06CCBE6313CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{FC278FF2-056A-48BA-AEC7-5B657EAC6672}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{63B501F5-484E-4828-A743-997966B6DF37}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{08FE0281-C0D3-4A24-AAC5-E37A24097398}] => (Allow) E:\Program Files\EA\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [File not signed]
FirewallRules: [{8FEF858E-DD4E-45F0-9FD9-5279163BF617}] => (Allow) E:\Program Files\EA\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [File not signed]
FirewallRules: [{1D07FE18-5EDF-4278-91CE-860F36DB579E}] => (Allow) E:\Program Files\EA\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [File not signed]
FirewallRules: [{67289456-A5DE-4743-85DD-821EDA9B5B5E}] => (Allow) E:\Program Files\EA\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{F7A78483-E86A-469C-958F-A20040E09A94}E:\emre\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) E:\emre\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B6B3264D-7022-420C-90F1-8730AA24E6D6}E:\emre\core\platform\binaries\win64\platform-win64-shipping.exe] => (Block) E:\emre\core\platform\binaries\win64\platform-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A8A24676-03A9-4D84-9E46-857D9E8589DA}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Block) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [UDP Query User{6EED5C26-4DDF-4AF3-9952-76F04CE516B4}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Block) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [{41854F98-3E10-4D67-BC44-9DD8A89E48A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe => No File
FirewallRules: [{5FEBCEEA-28D0-4B62-B75E-059FF119756F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe => No File
FirewallRules: [{152F9FA5-39D4-409C-AA0D-2E2C6DF7DD4E}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{C8F4F17C-B5A3-46F3-A150-939F5A6FF771}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{654AD514-997B-4EFA-9AA5-407BB5A7215D}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{24C2834C-4686-4A87-99A5-7B916D7DD0E6}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{F4482871-D4C2-4F94-849E-43B32047DA0A}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{45A210DB-EEF8-4052-A9E2-575D335AEAB5}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{84B2B4D2-1613-413C-8600-DF4748642C90}] => (Block) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{0EC73AF1-20B3-475A-9DC0-10C51AB5544D}] => (Block) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe => No File
FirewallRules: [{2992222A-0F52-4197-ACE1-DD219ACF4F0A}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{262382B6-61A9-47B7-AEB3-6B2BFF90B5A2}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{76B8C87A-F0DC-4A11-A9CB-F269452E6B07}] => (Allow) E:\SteamLibrary\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{6617AEAD-93E9-4D12-9F62-C9EA08A83622}] => (Allow) E:\SteamLibrary\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{1D4F091E-033E-4F6A-9E41-2A6F8A849C71}] => (Block) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{41545971-F9B6-467C-AF07-0C0E7FC798C4}] => (Allow) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{FCCA74AB-FFEC-4833-AA45-C6C9BFCE00AA}C:\users\enes\appdata\local\faceit\app-1.31.7\faceit.exe] => (Block) C:\users\enes\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [UDP Query User{BF330480-3B6A-48C6-B2A4-12D9272E6F4E}C:\users\enes\appdata\local\faceit\app-1.31.7\faceit.exe] => (Block) C:\users\enes\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [{0DA1C7FA-18B7-4862-B936-F910DFE77C77}] => (Allow) E:\SteamLibrary\steamapps\common\CastleCrashersDemo\castle.exe () [File not signed]
FirewallRules: [{A701B202-0169-4B1C-8856-2E0671630593}] => (Allow) E:\SteamLibrary\steamapps\common\CastleCrashersDemo\castle.exe () [File not signed]
FirewallRules: [{A688CEB1-73D5-4DE0-8333-CBE9DFEAEB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{B5D5DE2C-E8C4-4702-A091-81F3C4F2404E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{82B56167-CE83-4A54-BC9C-E90B995AEB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B005A5E2-98FA-42C1-A447-EBB7372A6925}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{C148734E-1B01-4201-978E-B4267645DAC8}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{9313BBFB-3B8F-42FA-957D-00105BAD73E2}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{F9EA4F4E-2F76-46EE-A8E3-EB3AF9CF2E48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [{C3A3D4D1-8D82-4087-96B4-E4853124387C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RISK Global Domination\RISK.exe () [File not signed]
FirewallRules: [{2784D636-5A9C-4AA4-9E22-3577BAABD628}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B6620F2-4532-44D5-A2F0-B7391171AD74}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8D09F4ED-758E-4778-A797-82BFBF4512EA}E:\emre\mcreator\jdk\bin\java.exe] => (Allow) E:\emre\mcreator\jdk\bin\java.exe
FirewallRules: [UDP Query User{D1E4A4CC-D5E1-45C2-A7C2-B20B4AAB47B4}E:\emre\mcreator\jdk\bin\java.exe] => (Allow) E:\emre\mcreator\jdk\bin\java.exe
FirewallRules: [TCP Query User{041F1350-045F-4902-AEA5-9BFAC222F991}C:\users\enes\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\enes\appdata\local\discord\app-1.0.9006\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{9DF313B6-C9B5-44A2-A5F7-2F3C905A7BBC}C:\users\enes\appdata\local\discord\app-1.0.9006\discord.exe] => (Block) C:\users\enes\appdata\local\discord\app-1.0.9006\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{2FD4E866-B9C8-440D-B779-5BA8704CBF8B}] => (Allow) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{8241A265-22EA-4136-8365-3E871F408325}] => (Allow) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{C956A1FE-BBFE-4A27-8988-FE268FBBB5E1}] => (Allow) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{9DCF0F5C-CA74-40EF-9689-3BA8C9A56E05}] => (Allow) E:\Games\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{AF85D576-F879-4EF5-B4C5-F8F8FB0758A8}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{3A9C8FFA-D97B-4687-A9E5-A93533BDFABD}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{170D332C-E189-465E-84E9-E8BD0AA17EE3}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{4370F98D-1C8B-4881-AA17-F68120FB87C4}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{4BE6DA62-EF2A-4CC7-943F-A349531F0D33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.25\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F610A8FB-88E1-45F6-BF37-FF5BBB8B0060}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/04/2022 05:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: javaw.exe, sürüm: 8.0.2810.9, zaman damgası: 0x5fd0dac0
Hatalı modül adı: ucrtbase.dll, sürüm: 10.0.22000.1, zaman damgası: 0x00e78ce9
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x000000000007dd7e
Hatalı işlem kimliği: 0x39cc
Uygulama başlangıç zamanı: 0x01d8c028df47661c
Hatalı uygulama yolu: C:\Users\Enes\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
Hatalı modül yolu: C:\Windows\System32\ucrtbase.dll
Rapor kimliği: fbe6d469-795b-449e-8f52-729efa969009
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (09/04/2022 05:23:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: GameBar.exe, sürüm: 5.822.6271.0, zaman damgası: 0x62b9e0ef
Hatalı modül adı: Windows.UI.Xaml.dll, sürüm: 10.0.22000.832, zaman damgası: 0x9e96a54a
Özel durum kodu: 0xc00001ad
Hata uzaklığı 0x000000000045b499
Hatalı işlem kimliği: 0x425c
Uygulama başlangıç zamanı: 0x01d8c0054a74fb49
Hatalı uygulama yolu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Hatalı modül yolu: C:\Windows\System32\Windows.UI.Xaml.dll
Rapor kimliği: 8fe444c8-82cb-4a82-8504-d791449a8e57
Hatalı paket tam adı: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
Hatalı paketle ilgili uygulama kimliği: App

Error: (09/04/2022 05:23:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: dwm.exe, sürüm: 10.0.22000.1, zaman damgası: 0x7cbe2305
Hatalı modül adı: udwm.dll, sürüm: 10.0.22000.832, zaman damgası: 0x965ad2c0
Özel durum kodu: 0xc00001ad
Hata uzaklığı 0x0000000000107943
Hatalı işlem kimliği: 0x1380
Uygulama başlangıç zamanı: 0x01d8c0054d76b03f
Hatalı uygulama yolu: C:\Windows\system32\dwm.exe
Hatalı modül yolu: C:\Windows\SYSTEM32\udwm.dll
Rapor kimliği: 40436f0d-0395-4642-8d7d-180ebdac21de
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (09/04/2022 05:23:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: dwm.exe, sürüm: 10.0.22000.1, zaman damgası: 0x7cbe2305
Hatalı modül adı: dwmcore.dll, sürüm: 10.0.22000.832, zaman damgası: 0x3f5d7ed5
Özel durum kodu: 0xc00001ad
Hata uzaklığı 0x0000000000267224
Hatalı işlem kimliği: 0x5d8
Uygulama başlangıç zamanı: 0x01d8bf07a06d32ef
Hatalı uygulama yolu: C:\Windows\system32\dwm.exe
Hatalı modül yolu: C:\Windows\system32\dwmcore.dll
Rapor kimliği: 2a3be988-dacc-4529-bdc6-57c2178186fc
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (09/04/2022 05:17:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: GameBar.exe, sürüm: 5.822.6271.0, zaman damgası: 0x62b9e0ef
Hatalı modül adı: GameBar.exe, sürüm: 5.822.6271.0, zaman damgası: 0x62b9e0ef
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x0000000000c86620
Hatalı işlem kimliği: 0x3dc8
Uygulama başlangıç zamanı: 0x01d8c004662fe165
Hatalı uygulama yolu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Hatalı modül yolu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
Rapor kimliği: 965b8860-8b88-4dd2-b43c-c38209cde9b3
Hatalı paket tam adı: Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe
Hatalı paketle ilgili uygulama kimliği: App

Error: (09/04/2022 05:12:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: StartMenuExperienceHost.exe, sürüm: 0.0.0.0, zaman damgası: 0x36fcc2bb
Hatalı modül adı: Windows.UI.Xaml.dll, sürüm: 10.0.22000.832, zaman damgası: 0x9e96a54a
Özel durum kodu: 0xc000027b
Hata uzaklığı 0x0000000000550cdc
Hatalı işlem kimliği: 0x2238
Uygulama başlangıç zamanı: 0x01d8bf07a8ab8882
Hatalı uygulama yolu: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Hatalı modül yolu: C:\Windows\System32\Windows.UI.Xaml.dll
Rapor kimliği: ce30ff9b-d22a-4e86-9c8e-aa23db7c4488
Hatalı paket tam adı: Microsoft.Windows.StartMenuExperienceHost_10.0.22000.778_neutral_neutral_cw5n1h2txyewy
Hatalı paketle ilgili uygulama kimliği: App

Error: (09/02/2022 07:00:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: Funny_Gaem.exe, sürüm: 1.0.0.0, zaman damgası: 0x5e430bb6
Hatalı modül adı: KERNELBASE.dll, sürüm: 10.0.22000.856, zaman damgası: 0x280da275
Özel durum kodu: 0xe0434352
Hata uzaklığı 0x001409d2
Hatalı işlem kimliği: 0x4cc8
Uygulama başlangıç zamanı: 0x01d8bee52a6dfc2d
Hatalı uygulama yolu: E:\indirilenler\Funny_Gaem.exe
Hatalı modül yolu: C:\Windows\System32\KERNELBASE.dll
Rapor kimliği: 3966496b-7ef2-4179-8bd0-3148ff32c605
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (09/02/2022 07:00:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Uygulama: Funny_Gaem.exe
Framework Sürümü: v4.0.30319
Açıklama: İşlenmeyen bir özel durum nedeniyle işlem sonlandırıldı.
Özel Durum Bilgisi: System.IO.FileNotFoundException
   konum: GooseDesktop.Refactor.MainGame.Init()
   konum: GooseDesktop.Program.Main()


System errors:
=============
Error: (09/04/2022 09:09:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Gaming Services hizmet şu hata ile sona erdi: 
Belirtilen hizmet, yüklü bir hizmet olarak yok.

Error: (09/04/2022 09:09:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (09/04/2022 09:07:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Gaming Services hizmet şu hata ile sona erdi: 
Belirtilen hizmet, yüklü bir hizmet olarak yok.

Error: (09/04/2022 09:07:16 PM) (Source: DCOM) (EventID: 10010) (User: Hitokiri)
Description: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (09/04/2022 09:05:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Gaming Services hizmet şu hata ile sona erdi: 
Belirtilen hizmet, yüklü bir hizmet olarak yok.

Error: (09/04/2022 09:05:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (09/04/2022 09:03:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Gaming Services hizmet şu hata ile sona erdi: 
Belirtilen hizmet, yüklü bir hizmet olarak yok.

Error: (09/04/2022 09:03:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.


Windows Defender:
================
Date: 2022-09-04 21:09:11
Description: 
Microsoft Defender Virüsten Koruma kötü amaçlı yazılım veya istenmeyebilecek başka bir yazılım algıladı.
Daha fazla bilgi için lütfen aşağıdakilere bakın:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Hive.ZY&threatid=2147830806&enterprise=0
Ad: Behavior:Win32/Hive.ZY
Kimlik: 2147830806
Önem Derecesi: Ciddi
Kategori: Şüpheli Davranış
Yol: behavior:_pid:4612:74439979291537
Algılama Başlangıç Noktası: Bilinmiyor
Algılama Türü: Somut
Algılama Kaynağı: Sistem
Kullanıcı: NT AUTHORITY\SYSTEM
İşlem Adı: Unknown
Güvenlik bilgileri Sürümü: AV: 1.373.1524.0, AS: 1.373.1524.0, NIS: 1.373.1524.0
Altyapı Sürümü: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-09-04 21:07:05
Description: 
Microsoft Defender Virüsten Koruma kötü amaçlı yazılım veya istenmeyebilecek başka bir yazılım algıladı.
Daha fazla bilgi için lütfen aşağıdakilere bakın:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Hive.ZY&threatid=2147830806&enterprise=0
Ad: Behavior:Win32/Hive.ZY
Kimlik: 2147830806
Önem Derecesi: Ciddi
Kategori: Şüpheli Davranış
Yol: behavior:_pid:13660:74439979291537
Algılama Başlangıç Noktası: Bilinmiyor
Algılama Türü: Somut
Algılama Kaynağı: Sistem
Kullanıcı: NT AUTHORITY\SYSTEM
İşlem Adı: Unknown
Güvenlik bilgileri Sürümü: AV: 1.373.1524.0, AS: 1.373.1524.0, NIS: 1.373.1524.0
Altyapı Sürümü: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-09-04 21:06:59
Description: 
Microsoft Defender Virüsten Koruma kötü amaçlı yazılım veya istenmeyebilecek başka bir yazılım algıladı.
Daha fazla bilgi için lütfen aşağıdakilere bakın:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Hive.ZY&threatid=2147830806&enterprise=0
Ad: Behavior:Win32/Hive.ZY
Kimlik: 2147830806
Önem Derecesi: Ciddi
Kategori: Şüpheli Davranış
Yol: behavior:_pid:14044:74439979291537
Algılama Başlangıç Noktası: Bilinmiyor
Algılama Türü: Somut
Algılama Kaynağı: Sistem
Kullanıcı: NT AUTHORITY\SYSTEM
İşlem Adı: Unknown
Güvenlik bilgileri Sürümü: AV: 1.373.1524.0, AS: 1.373.1524.0, NIS: 1.373.1524.0
Altyapı Sürümü: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-09-04 21:02:55
Description: 
Microsoft Defender Virüsten Koruma kötü amaçlı yazılım veya istenmeyebilecek başka bir yazılım algıladı.
Daha fazla bilgi için lütfen aşağıdakilere bakın:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Hive.ZY&threatid=2147830806&enterprise=0
Ad: Behavior:Win32/Hive.ZY
Kimlik: 2147830806
Önem Derecesi: Ciddi
Kategori: Şüpheli Davranış
Yol: behavior:_pid:1092:74439979291537
Algılama Başlangıç Noktası: Bilinmiyor
Algılama Türü: Somut
Algılama Kaynağı: Sistem
Kullanıcı: NT AUTHORITY\SYSTEM
İşlem Adı: Unknown
Güvenlik bilgileri Sürümü: AV: 1.373.1524.0, AS: 1.373.1524.0, NIS: 1.373.1524.0
Altyapı Sürümü: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-09-04 20:51:59
Description: 
Microsoft Defender Virüsten Koruma kötü amaçlı yazılım veya istenmeyebilecek başka bir yazılım algıladı.
Daha fazla bilgi için lütfen aşağıdakilere bakın:
https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Hive.ZY&threatid=2147830806&enterprise=0
Ad: Behavior:Win32/Hive.ZY
Kimlik: 2147830806
Önem Derecesi: Ciddi
Kategori: Şüpheli Davranış
Yol: behavior:_pid:14044:74439979291537
Algılama Başlangıç Noktası: Bilinmiyor
Algılama Türü: Somut
Algılama Kaynağı: Sistem
Kullanıcı: NT AUTHORITY\SYSTEM
İşlem Adı: Unknown
Güvenlik bilgileri Sürümü: AV: 1.373.1524.0, AS: 1.373.1524.0, NIS: 1.373.1524.0
Altyapı Sürümü: AM: 1.1.19500.2, NIS: 1.1.19500.2

CodeIntegrity:
===============
Date: 2022-09-04 20:16:43
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-04 20:06:00
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-09-04 20:05:06
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1.70 10/22/2021
Motherboard: Micro-Star International Co., Ltd. B460M-A PRO (MS-7C88)
Processor: Intel(R) Core(TM) i3-10100F CPU @ 3.60GHz
Percentage of memory in use: 39%
Total physical RAM: 16322.01 MB
Available physical RAM: 9934.98 MB
Total Virtual: 23234.01 MB
Available Virtual: 13983.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.19 GB) (Free:11.47 GB) (Model: PNY CS3030 250GB SSD) NTFS
Drive d: () (Fixed) (Total:244.97 GB) (Free:52.22 GB) (Model: ST31000524AS) NTFS
Drive e: (Yerel Disk) (Fixed) (Total:686.52 GB) (Free:91.1 GB) (Model: ST31000524AS) NTFS

\\?\Volume{5b375c5c-2813-4019-ad56-075c1a08cdd2}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS
\\?\Volume{d25e922b-09f9-415b-86a9-b2bd9e8bafa7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BA629FDF)

Partition: GPT.

==================== End of Addition.txt =======================

 

Link to post
Share on other sites

  • Root Admin

Hello  and  :welcome:      @HitokiriBattousai

 

My screen name is AdvancedSetup and I will assist you with your system issues.
 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow all steps in the provided order and post back all requested logs
  • Please attach all log files to your post, unless otherwise requested
  • Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans have been completed.
  • Temporarily disable Microsoft SmartScreen to download the software below if needed. Make sure to turn it back on once the scans are completed.
  • Searching, detecting, and removing malware isn't instantaneous and there is no guarantee to repair every system.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Do not run online games while the case is ongoing. Do not do any free-wheeling or risky web-surfing.
  • Only run the tools I guide you to use. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Cracked, Hacked, or Pirated programs are not only illegal but also can make a computer a malware victim. Having such programs installed is the easiest way to get infected. It is the leading cause of ransomware encryption. It is at times also a big source of current Trojan infections. If there are any on the system you should uninstall them before we proceed.
  • Please be patient and stick with me until I give you the "all clear". We don't want to waste your time, please don't waste ours.
  • If your system is running Discord, please be sure to Exit it while this case is ongoing.

 

As you can see here from a quick, basic search on Google there are only 187 topics about your plugin that Malwarebytes is flagging. With over a billion computers and double that amount of phones on the Internet anything that only has 187 posts for an extension is probably not a good  extension to have installed.

image.png

 

Let me review your logs and get back to you.

 

  • Like 1
Link to post
Share on other sites

  • Root Admin

You have Java launching with an older version of Java in an obscure folder. I see you do the Java developer software installed so maybe it is valid for you, but it is faulting as well.
Please double-check this is valid for your system.

Application errors:
==================
Error: (09/04/2022 05:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: javaw.exe, sürüm: 8.0.2810.9, zaman damgası: 0x5fd0dac0
Hatalı modül adı: ucrtbase.dll, sürüm: 10.0.22000.1, zaman damgası: 0x00e78ce9
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x000000000007dd7e
Hatalı işlem kimliği: 0x39cc
Uygulama başlangıç zamanı: 0x01d8c028df47661c
Hatalı uygulama yolu: C:\Users\Enes\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
Hatalı modül yolu: C:\Windows\System32\ucrtbase.dll
Rapor kimliÄŸi: fbe6d469-795b-449e-8f52-729efa969009
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

 

Your system is also having multiple other faulting applications.

Windows Defender is also detecting "something" generic in nature that does not look right. They just don't have a specific threat entry for it yet.

image.png

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Behavior%3aWin32%2fHive.ZY&threatid=2147830806&enterprise=0

 

 

I would highly recommend that you remove all of your Google Chrome extensions. Then reinstall them, but only ones that you absolutely want and you know they're well documented and supported from the Google Chrome Web store.

 

Once you have cleaned up Google Chrome, please run the following fix.

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

NOTE-3: As part of this fix it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Discord cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

  • Like 1
Link to post
Share on other sites

  • Root Admin

Looks like there may be a False Positive?

Please see if this applies for you.

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-falsely-detects-win32-hivezy-in-google-chrome-electron-apps/

Though I still say cleaning up Google Chrome is a good thing 😃

  • Like 1
Link to post
Share on other sites

On 9/4/2022 at 3:43 PM, AdvancedSetup said:

Yanlış Pozitif olabilir gibi görünüyor?

Lütfen bunun sizin için geçerli olup olmadığına bakın.

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-falsely-detects-win32-hivezy-in-google-chrome-electron-apps/

Yine de Google Chrome'u temizlemenin iyi bir şey olduğunu söylesem de 😃

Hello, thank you for your answer. The file you want is here:

 

what worries me is this line in the registry cpegcopcfajiiibidlaelhjjblpefbjk
do you know what this is? Norton, eset nod32 and kaspersky are clean but malwarebytyes cpegcopcfajiiibidlaelhjjblpefbjk says it's a trojan, there is no such plugin anyway, just the registry but my computer also makes me worry because I use a credit card.

Edited by AdvancedSetup
Logs removed per request
Link to post
Share on other sites

1 hour ago, AdvancedSetup said:

You have Java launching with an older version of Java in an obscure folder. I see you do the Java developer software installed so maybe it is valid for you, but it is faulting as well.
Please double-check this is valid for your system.

Application errors:
==================
Error: (09/04/2022 05:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: javaw.exe, sürüm: 8.0.2810.9, zaman damgası: 0x5fd0dac0
Hatalı modül adı: ucrtbase.dll, sürüm: 10.0.22000.1, zaman damgası: 0x00e78ce9
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x000000000007dd7e
Hatalı işlem kimliği: 0x39cc
Uygulama başlangıç zamanı: 0x01d8c028df47661c
Hatalı uygulama yolu: C:\Users\Enes\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
Hatalı modül yolu: C:\Windows\System32\ucrtbase.dll
Rapor kimliÄŸi: fbe6d469-795b-449e-8f52-729efa969009
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

 

Your system is also having multiple other faulting applications.

Windows Defender is also detecting "something" generic in nature that does not look right. They just don't have a specific threat entry for it yet.

image.png

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Behavior%3aWin32%2fHive.ZY&threatid=2147830806&enterprise=0

 

 

I would highly recommend that you remove all of your Google Chrome extensions. Then reinstall them, but only ones that you absolutely want and you know they're well documented and supported from the Google Chrome Web store.

 

Once you have cleaned up Google Chrome, please run the following fix.

 

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

NOTE-3: As part of this fix it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Discord cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt 20.82 kB · 1 download

Thanks

 

I honestly don't feel a problem with the others, I know the windows defender warning is also wrong, many people were experiencing it today. CPEGCOPCFAJIIIBIDLAELHJJBLPEFBJK This is exactly what the code looks like in the registry. update_url=http://clients2.google.com/service/update2/crx install_parameter=clid=2226668&win=531 can we figure out what it is and my fixnote also looks ok? Thanks already for your help.

Link to post
Share on other sites

  • Root Admin

Please start an elevated admin command prompt. Then copy and paste the following into the Window line by line and press the Enter key after each line.

cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate

Then wait a couple of minutes and restart the computer.

Then click on Start and type in PowerShell and when it shows on the menu, right-click or look on the menu option and run it with Admin rights.

Then copy and paste each entry line by line and press the Enter key after each line.  Then highlight the results using your mouse and press the Enter key and it will copy the results into the clipboard.

Post back the results of each line.

 

Get-MpComputerStatus

Get-MpPreference

Get-MpThreatDetection

Thank you, @HitokiriBattousai

  • Like 1
Link to post
Share on other sites

37 minutes ago, AdvancedSetup said:

Please start an elevated admin command prompt. Then copy and paste the following into the Window line by line and press the Enter key after each line.

cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate

Then wait a couple of minutes and restart the computer.

Then click on Start and type in PowerShell and when it shows on the menu, right-click or look on the menu option and run it with Admin rights.

Then copy and paste each entry line by line and press the Enter key after each line.  Then highlight the results using your mouse and press the Enter key and it will copy the results into the clipboard.

Post back the results of each line.

 

Get-MpComputerStatus

Get-MpPreference

Get-MpThreatDetection

Thank you, @HitokiriBattousai

MpComputerStatus:

AMEngineVersion                  : 0.0.0.0
AMProductVersion                 : 4.18.2207.5
AMRunningMode                    : Not running
AMServiceEnabled                 : False
AMServiceVersion                 : 0.0.0.0
AntispywareEnabled               : False
AntispywareSignatureAge          : 4294967295
AntispywareSignatureLastUpdated  :
AntispywareSignatureVersion      : 0.0.0.0
AntivirusEnabled                 : False
AntivirusSignatureAge            : 4294967295
AntivirusSignatureLastUpdated    :
AntivirusSignatureVersion        : 0.0.0.0
BehaviorMonitorEnabled           : False
ComputerState                    : 0
DefenderSignaturesOutOfDate      : False
DeviceControlDefaultEnforcement  : N/A
DeviceControlPoliciesLastUpdated : 1.01.1601 02:00:00
DeviceControlState               : N/A
FullScanAge                      : 4294967295
FullScanEndTime                  :
FullScanOverdue                  : False
FullScanRequired                 : False
FullScanSignatureVersion         :
FullScanStartTime                :
IoavProtectionEnabled            : False
IsTamperProtected                : False
IsVirtualMachine                 : False
LastFullScanSource               : 0
LastQuickScanSource              : 0
NISEnabled                       : False
NISEngineVersion                 : 0.0.0.0
NISSignatureAge                  : 4294967295
NISSignatureLastUpdated          :
NISSignatureVersion              : 0.0.0.0
OnAccessProtectionEnabled        : False
ProductStatus                    : 1
QuickScanAge                     : 4294967295
QuickScanEndTime                 :
QuickScanOverdue                 : False
QuickScanSignatureVersion        :
QuickScanStartTime               :
RealTimeProtectionEnabled        : False
RealTimeScanDirection            : 0
RebootRequired                   : False
TamperProtectionSource           : UI
TDTMode                          : N/A
TDTStatus                        : N/A
TDTTelemetry                     : N/A
TroubleShootingDailyMaxQuota     :
TroubleShootingDailyQuotaLeft    :
TroubleShootingEndTime           :
TroubleShootingExpirationLeft    :
TroubleShootingMode              :
TroubleShootingModeSource        :
TroubleShootingQuotaResetTime    :
TroubleShootingStartTime         :
PSComputerName                   :

MpPreference:

AllowDatagramProcessingOnWinServer            : False
AllowNetworkProtectionDownLevel               : False
AllowNetworkProtectionOnWinServer             : False
AllowSwitchToAsyncInspection                  : False
AttackSurfaceReductionOnlyExclusions          :
AttackSurfaceReductionRules_Actions           :
AttackSurfaceReductionRules_Ids               :
CheckForSignaturesBeforeRunningScan           : True
CloudBlockLevel                               : 1
CloudExtendedTimeout                          : 1
ControlledFolderAccessAllowedApplications     : {E:\Emre\FL64 (scaled).exe, E:\Emre\FL64.exe, E:\Emre\System\Tools\Brid
                                                ge\32bit\ilbridge.exe, E:\Emre\System\Tools\Bridge\64bit\ilbridge.exe..
                                                .}
ControlledFolderAccessProtectedFolders        :
DefinitionUpdatesChannel                      : 0
DisableArchiveScanning                        : False
DisableAutoExclusions                         : True
DisableBehaviorMonitoring                     : False
DisableBlockAtFirstSeen                       : False
DisableCatchupFullScan                        : True
DisableCatchupQuickScan                       : True
DisableCpuThrottleOnIdleScans                 : True
DisableDatagramProcessing                     : False
DisableDnsOverTcpParsing                      : False
DisableDnsParsing                             : False
DisableEmailScanning                          : False
DisableFtpParsing                             : False
DisableGradualRelease                         : False
DisableHttpParsing                            : False
DisableInboundConnectionFiltering             : False
DisableIOAVProtection                         : False
DisableNetworkProtectionPerfTelemetry         : False
DisablePrivacyMode                            : False
DisableRdpParsing                             : False
DisableRealtimeMonitoring                     : False
DisableRemovableDriveScanning                 : False
DisableRestorePoint                           : True
DisableScanningMappedNetworkDrivesForFullScan : True
DisableScanningNetworkFiles                   : False
DisableScriptScanning                         : False
DisableSshParsing                             : False
DisableTDTFeature                             : False
DisableTlsParsing                             : False
EnableControlledFolderAccess                  : 0
EnableDnsSinkhole                             : True
EnableFileHashComputation                     : False
EnableFullScanOnBatteryPower                  : False
EnableLowCpuPriority                          : False
EnableNetworkProtection                       : 0
EngineUpdatesChannel                          : 0
ExclusionExtension                            :
ExclusionIpAddress                            :
ExclusionPath                                 :
ExclusionProcess                              :
ForceUseProxyOnly                             : False
HighThreatDefaultAction                       : 0
LowThreatDefaultAction                        : 0
MAPSReporting                                 : 2
MeteredConnectionUpdates                      : False
ModerateThreatDefaultAction                   : 0
PlatformUpdatesChannel                        : 0
ProxyBypass                                   :
ProxyPacUrl                                   :
ProxyServer                                   :
PUAProtection                                 : 1
QuarantinePurgeItemsAfterDelay                : 90
RandomizeScheduleTaskTimes                    : True
RealTimeScanDirection                         : 0
RemediationScheduleDay                        : 0
RemediationScheduleTime                       : 02:00:00
ReportDynamicSignatureDroppedEvent            : False
ReportingAdditionalActionTimeOut              : 10080
ReportingCriticalFailureTimeOut               : 10080
ReportingNonCriticalTimeOut                   : 1440
ScanAvgCPULoadFactor                          : 50
ScanOnlyIfIdleEnabled                         : True
ScanParameters                                : 1
ScanPurgeItemsAfterDelay                      : 15
ScanScheduleDay                               : 0
ScanScheduleOffset                            : 120
ScanScheduleQuickScanTime                     : 00:00:00
ScanScheduleTime                              : 02:00:00
SchedulerRandomizationTime                    : 4
ServiceHealthReportInterval                   : 60
SevereThreatDefaultAction                     : 0
SharedSignaturesPath                          :
SignatureAuGracePeriod                        : 0
SignatureBlobFileSharesSources                :
SignatureBlobUpdateInterval                   : 60
SignatureDefinitionUpdateFileSharesSources    :
SignatureDisableUpdateOnStartupWithoutEngine  : False
SignatureFallbackOrder                        : MicrosoftUpdateServer|MMPC
SignatureFirstAuGracePeriod                   : 120
SignatureScheduleDay                          : 0
SignatureScheduleTime                         : 01:45:00
SignatureUpdateCatchupInterval                : 1
SignatureUpdateInterval                       : 0
SubmitSamplesConsent                          : 1
ThreatIDDefaultAction_Actions                 :
ThreatIDDefaultAction_Ids                     :
ThrottleForScheduledScanOnly                  : True
TrustLabelProtectionStatus                    : 0
UILockdown                                    : False
UnknownThreatDefaultAction                    : 0
PSComputerName                                :

Get-MpThreatDetection didn't give any output

Link to post
Share on other sites

9 hours ago, AdvancedSetup said:

That is what I already told you. I do not know, but if it's on your machine and less than 200 other people in the entire world have it too, then remove it. It does not belong.

How are things going otherwise?

 

frankly there is no problem and all other malware tests stubbornly say i'm safe, but the fact that malwarebytes warns me is making me worry about my information being stolen.

Link to post
Share on other sites

  • Root Admin

We can run some other scans, and then provide further methods to help protect your system.

 

 

Please download and run the following Kaspersky Virus Removal Tool 2020 and save it to your Desktop.

(Kaspersky Virus Removal Tool version 20.0.10.0 was released on November 9, 2021)

Download: Kaspersky Virus Removal Tool

How to run a scan with Kaspersky Virus Removal Tool 2020
https://support.kaspersky.com/15674

How to run Kaspersky Virus Removal Tool 2020 in the advanced mode
https://support.kaspersky.com/15680

How to restore a file removed during Kaspersky Virus Removal Tool 2020 scan
https://support.kaspersky.com/15681

 


Select the  image.png  Windows Key and R Key together, the "Run" box should open.

user posted image

Drag and Drop KVRT.exe into the Run Box.

user posted image

C:\Users\{your user name}\DESKTOP\KVRT.exe will now show in the run box.

image.png

add -dontencrypt   Note the space between KVRT.exe and -dontencrypt

C:\Users\{your user name}\DESKTOP\KVRT.exe -dontencrypt should now show in the Run box.
 
image.png


That addendum to the run command is very important, when the scan does eventually complete the resultant report is normally encrypted, with the extra command it is saved as a readable file.

Reports are saved here C:\KVRT2020_Data\Reports and look similar to this report_20210123_113021.klr
Right-click direct onto that report, select > open with > Notepad. Save that file and attach it to your reply.

To start the scan select OK in the "Run" box.

A EULA window will open, tick all confirmation boxes then select "Accept"

image.png

In the new window select "Change Parameters"

image.png

In the new window ensure all selection boxes are ticked, then select "OK" The scan should now start...

user posted image

When complete if entries are found there will be options, if "Cure" is offered leave as is. For any other options change to "Delete" then select "Continue"

user posted image

When complete, or if nothing was found select "Close"

image.png

Attach the report information as previously instructed...
 
Thank you
 
 

 

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.