Bilgisayara Bulaşan Virüs

eminilhan · 9 Nisan 2018

Pekala.

Kod:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018

Ran by Baykuş Official (09-04-2018 17:52:01)

Running from C:\Users\Baykuş Official\Downloads

Windows 8.1 Single Language (Update) (X64) (2017-05-15 18:38:13)

Boot Mode: Normal

==========================================================





==================== Accounts: =============================



Administrator (S-1-5-21-1999643376-2077949471-4288443404-500 - Administrator - Disabled)

Baykuş Official (S-1-5-21-1999643376-2077949471-4288443404-1002 - Administrator - Enabled) => C:\Users\Baykuş Official

Guest (S-1-5-21-1999643376-2077949471-4288443404-501 - Limited - Disabled)



==================== Security Center ========================



(If an entry is included in the fixlist, it will be removed.)



AV: Norton AntiVirus (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton AntiVirus (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}



==================== Installed Programs ======================



(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)



µTorrent (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)

Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden

AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.4.2 - CrystalIdea Software, Inc.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)

AuthenTec TrueAPI 64-bit (HKLM\...\{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}) (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden

Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.3.860 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)

BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.44.1625 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Call of Duty 4 - Modern Warfare Türkçe Yama (HKLM-x32\...\Call of Duty 4 - Modern Warfare Türkçe Yama_is1) (Version:  - )

Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden

Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)

Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden

Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)

Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )

Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)

Core Temp 1.9 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.9 - ALCPU)

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.)

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.)

CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)

Discord (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Discord) (Version: 0.0.300 - Discord Inc.)

DiskInternals Partition Recovery (HKLM-x32\...\DiskInternals Partition Recovery) (Version: 6.3 - DiskInternals Research)

EaseUS Partition Master 12.9 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)

Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)

f.lux (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Flux) (Version:  - f.lux Software LLC)

Facebook Gameroom 1.20.6618.42311 (HKLM-x32\...\{CF2C7CB9-1009-4EAA-9033-317F4C4C9DA2}) (Version: 1.20.6618.42311 - Facebook)

FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)

Free FLV to MP4 Converter 1.0 (HKLM-x32\...\{EE698DD0-BA36-405C-8F34-B0C64C562344}_is1) (Version:  - PolySoft Solutions)

Free PNG to PDF Converter (HKLM-x32\...\{538A6098-0618-4338-BEC4-B3268A1FDCAF}) (Version: 1.0.0 - Free PDF Solutions)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden

Görev panelinde butonu "Yandex" butonu (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\YaPinLancher) (Version: 2.0.2.2143 - Yandex)

HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )

Hewlett-Packard ACLM.NET v1.2.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP 3D DriveGuard (HKLM\...\{24B6AB7D-3EB6-48DD-89D2-75DD544D21E1}) (Version: 4.2.9.1 - Hewlett-Packard Company)

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)

HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)

HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)

HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)

HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)

HP Software Framework (HKLM-x32\...\{258D9C00-076D-4A10-950D-AFCC9A74F852}) (Version: 4.6.8.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.4.14.41 - HP Inc.)

HP Support Solutions Framework (HKLM-x32\...\{77A8586B-10CF-476E-9DE1-88EF5C9B331D}) (Version: 12.8.47.1 - HP Inc.)

HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)

HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)

Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1303-148929CC1385}) (Version: 3.0.1303.0326 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)

Intel® PROSet/Kablosuz Yazılımı (HKLM-x32\...\{8e41467d-297e-496d-8b0f-e771b6c87c06}) (Version: 16.11.0 - Intel Corporation)

Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)

League of Legends (HKLM-x32\...\{50D6FC64-F1D9-4D0E-98DC-32E24FE3239D}) (Version: 4.2.0 - Riot Games) Hidden

League of Legends (HKLM-x32\...\League of Legends 4.2.0) (Version: 4.2.0 - Riot Games)

LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)

LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)

LG Mobile Drivers (HKLM-x32\...\{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}) (Version: 4.2.0 - LG Electronics)

LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)

Logitech Gaming Software 8.94 (HKLM\...\Logitech Gaming Software) (Version: 8.94.104 - Logitech Inc.)

Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)

Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version:  - )

Mount&Blade With Fire and Sword (HKLM-x32\...\Mount&Blade With Fire and Sword) (Version:  - )

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.5.2.6564 - Mozilla)

Mozilla Thunderbird 52.5.2 (x86 tr) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 tr)) (Version: 52.5.2 - Mozilla)

NordVPN (HKLM-x32\...\{399A1E19-38E5-40C5-8ACD-BF007782F59A}) (Version: 6.6.11 - NordVPN) Hidden

NordVPN (HKLM-x32\...\NordVPN 6.6.11) (Version: 6.6.11 - NordVPN)

Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.8.1.14 - Symantec Corporation)

NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)

NVIDIA Grafik Sürücüsü 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden

NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden

NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)

Oracle VM VirtualBox 5.2.2 (HKLM\...\{9F5D10F9-A372-4B1E-BEB3-001B47E0C325}) (Version: 5.2.2 - Oracle Corporation)

Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Overwolf (HKLM-x32\...\Overwolf) (Version: 0.112.1.23 - Overwolf Ltd.)

PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden

Pinegrow Web Designer version 2.9 (HKLM-x32\...\Pinegrow Web Designer_is1) (Version: 2.9 - )

Quick Screen Recorder 1.5 (HKLM-x32\...\Quick Screen Recorder 1.5_is1) (Version: 1.5 - Etru Software Development)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)

SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden

Skype 8.15 sürümü (HKLM-x32\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.)

Spotify (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)

TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)

Tarayıcı Yöneticisi (HKLM-x32\...\{FABA89D9-D588-4770-9F85-F6FF9F064257}) (Version: 3.0.6.829 - Yandex) Hidden

Tarayıcı Yöneticisi (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\{266ffbe5-ef18-468c-8acd-bc00ce6761f6}) (Version: 3.0.6.829 - Yandex LLC)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4.2 - TeamSpeak Systems GmbH)

TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.82216 - TeamViewer)

Tivibu - İndir İzle v3.1 (HKLM-x32\...\{8C74D665-9379-402D-BC73-DEA4847C454B}_is1) (Version: 3.1 - TTNET)

Tivibu Web Tarayıcı Eklentisi v3.1 (HKLM-x32\...\{7390F194-BC8B-45BA-B854-F41A7A2830B9}) (Version: 3.1 - TTNET)

Update for Skype for Business 2016 (KB4011725) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{11E20712-ADEB-4577-A35E-57C64972174F}) (Version:  - Microsoft)

Update for Skype for Business 2016 (KB4011725) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{11E20712-ADEB-4577-A35E-57C64972174F}) (Version:  - Microsoft)

Update for Skype for Business 2016 (KB4011725) 32-Bit Edition (HKLM-x32\...\{90160000-012B-041F-0000-0000000FF1CE}_Office16.PROPLUS_{11E20712-ADEB-4577-A35E-57C64972174F}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 37.0 - Ubisoft)

Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)

Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden

WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{7CDA46F1-F5E4-4AAB-AFFE-780BDC284271}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{D2BEFFF0-3848-4BDF-8A63-2231F26DC1D4}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{4367B701-675E-46F2-A7FB-689671000955}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

Yandex.Disk (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\YandexDisk) (Version: 1.4.19.5465 - Yandex)

Я.Браузер (HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\YandexBrowser) (Version: 18.1.1.839 - ООО «ЯНДЕКС»)



==================== Custom CLSID (Whitelisted): ==========================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{19170A69-A883-40D5-AF97-F6DC41495F15}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{33A431BB-FF15-4047-8FEC-F82FD3523A00}\localserver32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{63D48440-63AB-44D0-B323-4731DFCDE9E9}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{AF8D197E-7022-4c3d-BD88-68AD35C9C169}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{E36606FE-036A-4dd0-ABA9-A58F409803F0}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll (Yandex)

CustomCLSID: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002_Classes\CLSID\{FB2FE984-05F5-4512-9D9B-69D3DE61F6D9}\InprocServer32 -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll (Yandex)

ShellIconOverlayIdentifiers: [    YndCase0Sync] -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-02-20] (Yandex)

ShellIconOverlayIdentifiers: [    YndCase1Modified] -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-02-20] (Yandex)

ShellIconOverlayIdentifiers: [    YndCase2Error] -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-02-20] (Yandex)

ShellIconOverlayIdentifiers: [    YndCase3Shared] -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskOverlays-2398.dll [2018-02-20] (Yandex)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)

ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt_20170501_15_00_28.dll [2017-05-01] (Cyberlink)

ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\NavShExt.dll [2016-11-12] (Symantec Corporation)

ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt_20170501_15_00_28.dll [2017-05-01] (Cyberlink)

ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)

ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\NavShExt.dll [2016-11-12] (Symantec Corporation)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-28] (NVIDIA Corporation)

ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)

ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\NavShExt.dll [2016-11-12] (Symantec Corporation)

ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

ContextMenuHandlers1_S-1-5-21-1999643376-2077949471-4288443404-1002: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2018-02-20] (Yandex)

ContextMenuHandlers4_S-1-5-21-1999643376-2077949471-4288443404-1002: [Yandex.Disk] -> {97836AB9-12C5-4C30-A128-B75196DD1787} => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskShellExt-4724.dll [2018-02-20] (Yandex)



==================== Scheduled Tasks (Whitelisted) =============



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



Task: {09D0EE59-ABB7-44CB-831E-3D72F28B968A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)

Task: {0D162B7A-09E8-47F1-8E92-EC2A8A07A9B9} - \Microsoft\Windows\Shell\FamilySafetyUpload -> No File <==== ATTENTION

Task: {19D924F5-FDAF-4D2C-94B2-52D997B1854A} - System32\Tasks\Uninstaller_SkipUac_Baykuş_Official => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {1D363192-87CD-44A9-BBD7-03B8C545DEAA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)

Task: {22472F05-35C9-4C81-B063-AE741121242E} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader => C:\WINDOWS\system32\WSqmCons.exe

Task: {2BC666B2-C77B-492D-A698-30536C6C4D42} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe

Task: {34946D56-A8FF-4198-BD85-43FA91981A0F} - \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> No File <==== ATTENTION

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - \Microsoft\Windows\Time Zone\SynchronizeTimeZone -> No File <==== ATTENTION

Task: {3BA591FD-B9C6-4614-A043-4B240D129258} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-28] (NVIDIA Corporation)

Task: {3CB3EBF3-8FB7-4884-BF7D-B8EC645D063F} - \Microsoft\Office\OfficeTelemetryAgentFallBack2016 -> No File <==== ATTENTION

Task: {5B9EA03D-A633-4994-874C-2AEA39754D7F} - \Microsoft\Office\OfficeTelemetryAgentLogOn2016 -> No File <==== ATTENTION

Task: {5E346D03-E5EA-48BB-9626-94E3AB87ACB7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {657D741A-37CD-4CE2-BE8A-BF9276198C8B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {69ECFFF9-E733-43AB-A9EC-E132D0E5375F} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe

Task: {72435FA8-A67F-4CCB-96FF-26023E340215} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-15] (Google Inc.)

Task: {734FE3ED-335D-4522-9905-BE8024670FEE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-11-12] (Symantec Corporation)

Task: {787BA451-9C27-4319-86D3-BF8C40FDFA1D} - System32\Tasks\ASC10_PerformanceMonitor => C:\Users\BAYKUO~1\AppData\Local\Temp\Rar$EXa0.996\App\AdvancedSystemCare\Monitor.exe <==== ATTENTION

Task: {7A1CA63A-3611-4E61-AAFA-1B56F8746F3A} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe

Task: {7BE48F88-AEB3-4C8A-B93C-0D14E9324676} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe

Task: {7D341E99-9EAB-4D56-9B11-9CC3AB8F0CD7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {7DA4F0B3-1048-4D97-B216-77F91620AA5D} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)

Task: {807BB6A4-D0D3-4D6A-ABD6-954300DE4350} - System32\Tasks\ASC10_SkipUac_Baykuş Official => C:\Users\BAYKUO~1\AppData\Local\Temp\Rar$EXa0.996\App\AdvancedSystemCare\ASC.exe <==== ATTENTION

Task: {80A83F0D-0898-4D48-B2CB-FD8FB9429C5A} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION

Task: {81933186-032C-4307-BCCD-BB28C336F786} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)

Task: {8D3C798E-2E4B-43AF-AC56-E50AA0DBBA15} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)

Task: {906BDB5B-0F4A-4C9E-A630-2435CAAC5E8B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13] (Adobe Systems Incorporated)

Task: {961BC8C9-295E-48D0-8D7B-F04D6E2C1517} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-28] (NVIDIA Corporation)

Task: {9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E} - \Microsoft\Windows\WS\Sync Licenses -> No File <==== ATTENTION

Task: {A5480E25-AF71-4B88-A76E-C9C3BA1588EE} - \Microsoft\Windows\FileHistory\File History (maintenance mode) -> No File <==== ATTENTION

Task: {AE39B550-94FD-44AF-B8E7-69338204C591} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)

Task: {CD5B361C-450C-456E-AF2C-B490D5AD4938} - \Microsoft\Windows\Chkdsk\ProactiveScan -> No File <==== ATTENTION

Task: {D61194C8-D089-449D-AA6E-3C8B2A993CBE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-28] (NVIDIA Corporation)

Task: {DC9857FF-D944-45B5-9D7D-7212161D7110} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-28] (NVIDIA Corporation)

Task: {E075AC73-7FC0-4ACD-9F28-DD590C391C1C} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\WINDOWS\system32\wermgr.exe

Task: {E4E3A482-9B9E-4AF2-AFAD-366C5C2ADFCB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-15] (Google Inc.)

Task: {E529EDA0-EA0B-4418-A9B4-AAA105EC4843} - \Microsoft\Windows\Shell\FamilySafetyRefresh -> No File <==== ATTENTION

Task: {E733547A-FAB2-4235-BF03-59EC534BFCD0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-04-02] (Overwolf LTD)

Task: {E7A30BED-F885-4C93-B82D-4EDE5348EA76} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-03-13] (Adobe Systems Incorporated)

Task: {E8ED0904-4D8C-44C8-9106-85146FBD2F7C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-28] (NVIDIA Corporation)

Task: {EA269DC4-BFD1-4A1D-81A5-1E58766E2988} - System32\Tasks\Обновление Браузера Яндекс => C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2018-02-20] (YANDEX LLC)

Task: {ED2505F8-75E9-444B-A890-6405E2650486} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-28] (NVIDIA Corporation)

Task: {EF1AE294-A550-49BA-80C0-57A1AF435AD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-07] (HP Inc.)

Task: {F64A25AF-7C98-41AC-B176-2495788F7FC8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe

Task: {F6D9141D-4000-4CE5-BEF8-81DBC780C8CF} - System32\Tasks\Yandex Browser'ın sistem güncellemesi => C:\Program Files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe [2018-02-20] (YANDEX LLC)

Task: {FC4CE73B-C553-4504-8A68-D757B32CE87F} - System32\Tasks\Yandex Browser güncellemesi => C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2018-02-20] (YANDEX LLC)



(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)



Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Baykuş_Official.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: C:\WINDOWS\Tasks\Yandex Browser güncellemesi.job => C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

Task: C:\WINDOWS\Tasks\Yandex Browser'ın sistem güncellemesi.job => C:\Program Files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe

Task: C:\WINDOWS\Tasks\Обновление Браузера Яндекс.job => C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe



==================== Shortcuts & WMI ========================



(The entries could be listed to be restored or removed.)





Shortcut: C:\Users\Baykuş Official\Links\Яндекс.Диск.lnk -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe (Yandex) <==== Cyrillic

Shortcut: C:\Users\Baykuş Official\AppData\Local\Microsoft\Windows\FileHistory\Data\8783\C\Users\Baykuş Official\Desktop\Yeni klasör\Скриншоты в Яндекс.Диске.lnk -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskScreenshotEditor.exe (Yandex) <==== Cyrillic



ShortcutWithArgument: C:\Users\Baykuş Official\AppData\Local\Microsoft\Windows\FileHistory\Data\8783\C\Users\Baykuş Official\Desktop\Yeni klasör\Яндекс.Диск.lnk -> C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDiskStarter.exe (Yandex) -> -desktop <==== Cyrillic

ShortcutWithArgument: C:\Users\Baykuş Official\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"



==================== Loaded Modules (Whitelisted) ==============



2017-05-15 16:51 - 2017-06-28 00:03 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2017-08-23 12:58 - 2017-08-23 12:58 - 000417456 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe

2017-07-01 18:45 - 2017-06-28 01:38 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-07-01 13:55 - 2017-07-02 21:36 - 000066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe

2017-07-01 13:55 - 2017-07-02 21:36 - 000103736 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe

2012-09-06 01:47 - 2012-09-06 01:47 - 000028160 _____ () C:\Windows\system32\valWBFPolicyService.exe

2014-04-23 05:58 - 2014-04-23 05:58 - 001656416 _____ () C:\Program Files (x86)\My WIFI Router\bmser.exe

2017-06-12 20:48 - 2017-06-12 20:48 - 000052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll

2013-06-07 05:16 - 2013-06-07 05:16 - 004073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe

2015-03-07 03:07 - 2015-03-07 03:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2017-06-27 03:33 - 2017-06-27 03:33 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2015-03-07 03:07 - 2015-03-07 03:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2017-06-27 03:33 - 2017-06-27 03:33 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2018-03-12 22:57 - 2018-02-20 07:52 - 000302944 _____ () C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\libpng14-14-x64.dll

2018-03-12 22:57 - 2018-02-20 07:52 - 000187744 _____ () C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\zlib1-x64.dll

2018-04-07 17:23 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe

2017-05-16 17:55 - 2017-05-16 18:00 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll

2018-03-23 00:36 - 2018-03-20 09:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll

2018-03-23 00:36 - 2018-03-20 09:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll

2014-04-23 05:58 - 2014-04-23 05:58 - 000193392 _____ () C:\Program Files (x86)\My WIFI Router\bmupdex.dll

2017-04-15 18:14 - 2012-06-25 21:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2017-07-01 18:45 - 2017-06-28 01:38 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-05-01 14:59 - 2012-06-08 06:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 11:34 - 2012-06-08 11:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2018-04-07 17:23 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\traynet.dll

2018-04-07 17:23 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\libcurl.dll

2018-04-07 17:23 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\zlib1.dll

2018-04-07 17:23 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\uexper.dll

2013-06-07 05:16 - 2013-06-07 05:16 - 000019240 _____ () C:\Program Files (x86)\HP SimplePass\DownloadManager.dll



==================== Alternate Data Streams (Whitelisted) =========



(If an entry is included in the fixlist, only the ADS will be removed.)



AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]

AlternateDataStreams: C:\ProgramData\Temp:792D4CF1 [129]



==================== Safe Mode (Whitelisted) ===================



(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)



HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"



==================== Association (Whitelisted) ===============



(If an entry is included in the fixlist, the registry item will be restored to default or removed.)





==================== Internet Explorer trusted/restricted ===============



(If an entry is included in the fixlist, it will be removed from the registry.)



IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\008k.com -> 008k.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\00hq.com -> 00hq.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\0scan.com -> 0scan.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\1-domains-registrations.com -> 1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\1-se.com -> 1-se.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\1001movie.com -> 1001movie.com

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\1001night.biz -> 1001night.biz

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\100gal.net -> 100gal.net

IE restricted site: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\100sexlinks.com -> 100sexlinks.com



There are 4788 more sites.





==================== Hosts content: ==========================



(If needed Hosts: directive could be included in the fixlist to reset Hosts.)



2012-07-26 08:26 - 2017-06-20 18:53 - 000001261 ____N C:\WINDOWS\system32\Drivers\etc\hosts



127.0.0.1 www.techsmith.com

127.0.0.1 activation.cloud.techsmith.com

127.0.0.1 oscount.techsmith.com

127.0.0.1 updater.techsmith.com

127.0.0.1 camtasiatudi.techsmith.com

127.0.0.1 tsccloud.cloudapp.net

127.0.0.1 assets.cloud.techsmith.com

127.0.0.1 CSGOFAST.COM - TRY YOUR LUCK!

127.0.0.1 CSGOFAST.COM - TRY YOUR LUCK!

127.0.0.1 skinkings.com

127.0.0.1 skinup.gg

127.0.0.1 Everything You Need for Online Games is Here - ByNoGame

127.0.0.1 https://csgotune.com/#/roulette



==================== Other Areas ============================



(Currently there is no automatic fix for this section.)



HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Baykuş Official\Desktop\e054fa89-3f19-40f5-8e0b-c6e99419b454.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.



==================== MSCONFIG/TASK MANAGER disabled items ==



HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Clownfish"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BE603A42683D95E6BA576C145088D1F0"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Lync"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Power2GoExpress8"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "BlueStacks Agent"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Overwolf"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\StartupApproved\Run: => "NordVPN"



==================== FirewallRules (Whitelisted) ===============



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



FirewallRules: [{06785C28-273F-4408-8740-23E1D6DC7171}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [{5D91C1A4-D76A-4732-B6FD-54EB76C5012D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [{46F50177-3646-4523-BB26-0FD9BECE8775}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe

FirewallRules: [{359FC094-F2CF-426A-A612-A7026CAC72B0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe

FirewallRules: [UDP Query User{D5A4A56E-2CFF-41C7-83D8-A186B4D1923B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [TCP Query User{2FD56631-C1EF-41AA-B140-71F1D9F51DF8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{32305A53-4B99-4363-A5DC-6D31933B9690}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{BF2F2452-B89C-4F90-B8DA-5EABA2352F76}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [{1ED033B4-46AE-48F1-8374-7A497C892C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{ABE6509C-C6B1-4871-AF71-BA631D43DFC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{2AA34990-2DF0-46B8-88A7-5923E34ABF42}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{F0BA479A-7584-4E54-B492-CF9A5D2BFA52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{1928C580-F43C-4DF8-BBEE-8D0A62812FD7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{F79B363F-FDC2-40BE-8684-E49606C959FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{7BCA8656-31FB-43B7-9F9E-4C141417073C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F8F7C7B4-02AB-415D-AB79-92EFE58A834F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{58C8FA51-0A4B-4B28-AA63-39B888C8F84D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE

FirewallRules: [{3D9D5B4D-CF0C-4A25-B555-658190AA2F89}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{1382B94D-4A05-4B58-A1CC-88AFE3B7C688}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{CDB77C55-BAEA-480A-8053-6CF0B951E2E7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{15F576E7-714D-4E7F-A87F-27346E708340}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{C98C6ACA-45D6-49D8-8885-A60CF0821CEF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{5FDD8385-4BC6-46D9-98DC-B09698141952}] => (Allow) LPort=1900

FirewallRules: [{2456781A-9FFB-43B5-A1FE-C6A9526AAA74}] => (Allow) LPort=2869

FirewallRules: [{E26E977B-3738-4F7A-92E1-2F3496B3F3E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{6BF2C7C7-B092-4BE5-BCF9-394D8A2E5699}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{F1600041-1C8B-4D65-97AD-97D91C24BE1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe

FirewallRules: [{B0E32683-EEFF-4BDE-ABC9-C13E1843DAE2}] => (Allow) LPort=8318

FirewallRules: [{A6F96CF2-B1D5-44AD-9DCE-BDD6DA0A8DF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{9DC59AAB-0068-4454-9CC9-624CABCF03ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{6EACBB56-3AB7-4483-9922-2E1CBFABDCA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{2209A045-B20B-4920-9F7C-B89594BF2883}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{C4651C4C-4298-4FC5-BFB8-CF0ABB8361C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{7E1BEB3C-8C44-4A5F-96FA-A2DD58E09C4A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [UDP Query User{5A160B16-8AA5-4A3E-93D7-A3E19ABC1150}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

FirewallRules: [{96989F2B-C273-4BE9-A8B2-01DEC602E0ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{0CAC8896-8EFE-4180-A61C-EBFDBD86748B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{38C1950E-5984-4706-97E2-4AFE2B8F0138}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{0D75CA04-AA91-447B-9923-F25C62BF19F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{0766BDAB-C81B-43FE-9CF7-11ABAE512375}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe

FirewallRules: [{6495A18F-010E-4D71-B33B-064230E6A805}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe

FirewallRules: [TCP Query User{0666A3F3-454A-41C2-9924-254700CCCAFB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [TCP Query User{1377F5E9-E081-4CC4-BC2C-3AACF863681F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{9773098F-8E60-4D6B-887B-D53F544ACF74}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{FBECDC88-3641-4629-BE9A-34BAA823DF6A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe

FirewallRules: [{A341BD59-4BD0-4EAD-8EB6-1FDCAD29A335}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe

FirewallRules: [{170C9DB0-47D0-4769-AA8D-0CBB87AD6486}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [{3ACB8208-FD17-48B5-86CB-3F66A2C2B29C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [TCP Query User{2322CBB9-0CEF-4C94-9584-B7857B6CB011}C:\users\baykuş official\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baykuş official\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{8D09012C-498C-4142-892A-C9ECFEDFC1A0}C:\users\baykuş official\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baykuş official\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{11A1E5F8-61EC-478D-BFAA-1F4841A16EE2}C:\users\baykuş official\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baykuş official\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{EED280A5-D363-4C01-B781-F4C022AC41C9}C:\users\baykuş official\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baykuş official\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{E57086A9-D766-4752-B97B-5F02F4864784}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{C54EE607-D586-4F0C-AFAB-CB047BEA086B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [{86C0CBB8-881B-4040-9F3C-643FDD43C888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{BAB80FFA-20E0-4F45-B478-DA5E32B9CFB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{6B9A0909-8D0F-4FE0-A694-998B1D0F9927}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [{C5A81285-40A0-4C2F-819B-ED8721D3E62B}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [{030802B5-8489-4B0C-957C-85A1AD0F8D07}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [{BC8C8521-75FE-49CE-B251-1CF673A14C4B}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [{2B690E26-F1C4-409B-BF9F-D39422D8A0A2}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [{848FB961-2F03-4190-8178-07A3729B9C71}] => (Allow) C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe

FirewallRules: [TCP Query User{44B30DF3-7A5A-4D87-A0B6-B459F6752AFB}C:\program files (x86)\pinegrow web designer\pinegrowwebdesigner.exe] => (Allow) C:\program files (x86)\pinegrow web designer\pinegrowwebdesigner.exe

FirewallRules: [UDP Query User{2C9554D2-5F93-473E-AD0D-2A8336FDFFBB}C:\program files (x86)\pinegrow web designer\pinegrowwebdesigner.exe] => (Allow) C:\program files (x86)\pinegrow web designer\pinegrowwebdesigner.exe

FirewallRules: [{36BDE034-15BA-405C-99BB-0A13A165A61F}] => (Allow) C:\Users\Baykuş Official\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{4102748E-9A4D-4242-9610-01D73E94A5D6}] => (Allow) C:\Users\Baykuş Official\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{A80A08FB-46B5-4F18-BF21-259F6852AEA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{65CB98C6-4607-4BA1-954B-DA67132E8C2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{63326A3B-B10C-402F-BB47-9E05060E9971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{C7AEDA05-4030-4844-9033-B803A382DE30}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [TCP Query User{AC93DE81-9A88-48C9-A922-68C4111C8A44}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{CF632FE6-FE47-49FA-8A14-85D12A8A78D1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [{FBC5DD79-57A5-4788-BD0B-CFD6E11AA558}] => (Allow) C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

FirewallRules: [{DA71AD01-CA82-48A2-809F-BDD19B3C0EFD}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe

FirewallRules: [{3CB7828C-C001-4911-B452-6E075F185F58}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe

FirewallRules: [{3104CBBE-D0C3-4DD3-89B3-0DF446C72819}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe

FirewallRules: [TCP Query User{8DC8CE38-097B-4DAF-990E-2A86533EB5A3}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe

FirewallRules: [UDP Query User{EDA982C0-84E4-4397-A291-3D7131A7BBCE}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe

FirewallRules: [{33C7495B-8D1B-47FA-88DD-F8F7A2E558E1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

FirewallRules: [{606EAE47-F5B6-404C-A34E-84F03419DDA2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

FirewallRules: [{862B0AD6-AA40-4804-8125-07DAB93CF0EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{852A4A2D-A172-48C6-9EB9-AD353565B045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{3F8E460F-2BC7-4EE3-B7DB-34A5D5F6ADB4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



==================== Restore Points =========================





==================== Faulty Device Manager Devices =============



Name: TAP-NordVPN Windows Adapter V9

Description: TAP-NordVPN Windows Adapter V9

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: TAP-NordVPN Windows Provider V9

Service: tapnordvpn

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.



Name: VirtualBox Host-Only Ethernet Adapter

Description: VirtualBox Host-Only Ethernet Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Oracle Corporation

Service: VBoxNetAdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.



Name: Realtek PCIe GBE Ailesi Denetleyici

Description: Realtek PCIe GBE Ailesi Denetleyici

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Realtek

Service: RTL8168

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.



Name: Intel(R) Centrino(R) Wireless-N 2230

Description: Intel(R) Centrino(R) Wireless-N 2230

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel Corporation

Service: NETwNe64

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.





==================== Event log errors: =========================



Application errors:

==================

Error: (04/08/2018 09:26:51 PM) (Source: MsiInstaller) (EventID: 11500) (User: BaykusOfficial)

Description: Ürün: Microsoft Word MUI (Turkish) 2016 -- Hata 1500. Başka bir yükleme sürüyor. Bu yüklemeyi devam ettirebilmek için önce devam eden yüklemeyi tamamlamanız gerekir.



Error: (04/08/2018 09:26:50 PM) (Source: MsiInstaller) (EventID: 11500) (User: BaykusOfficial)

Description: Ürün: Microsoft Word MUI (Turkish) 2016 -- Hata 1500. Başka bir yükleme sürüyor. Bu yüklemeyi devam ettirebilmek için önce devam eden yüklemeyi tamamlamanız gerekir.



Error: (04/08/2018 09:26:49 PM) (Source: MsiInstaller) (EventID: 11500) (User: BaykusOfficial)

Description: Ürün: Microsoft Word MUI (Turkish) 2016 -- Hata 1500. Başka bir yükleme sürüyor. Bu yüklemeyi devam ettirebilmek için önce devam eden yüklemeyi tamamlamanız gerekir.



Error: (04/08/2018 09:26:49 PM) (Source: MsiInstaller) (EventID: 11500) (User: BaykusOfficial)

Description: Ürün: Microsoft Word MUI (Turkish) 2016 -- Hata 1500. Başka bir yükleme sürüyor. Bu yüklemeyi devam ettirebilmek için önce devam eden yüklemeyi tamamlamanız gerekir.



Error: (04/08/2018 09:26:47 PM) (Source: MsiInstaller) (EventID: 11500) (User: BaykusOfficial)

Description: Ürün: Microsoft Word MUI (Turkish) 2016 -- Hata 1500. Başka bir yükleme sürüyor. Bu yüklemeyi devam ettirebilmek için önce devam eden yüklemeyi tamamlamanız gerekir.



Error: (04/08/2018 09:13:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Şifreleme Hizmetleri, Sistem Yazıcısı Nesnesi'nde OnIdentity() çağrısını işlerken başarısız oldu.



Details:

AddCoreCsiFiles : GetNextFileMapContent() failed.



System Error:

Sistem belirtilen dosyayı bulamıyor.

.



Error: (04/08/2018 09:13:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Şifreleme Hizmetleri, Sistem Yazıcısı Nesnesi'nde OnIdentity() çağrısını işlerken başarısız oldu.



Details:

AddCoreCsiFiles : GetNextFileMapContent() failed.



System Error:

Sistem belirtilen dosyayı bulamıyor.

.



Error: (04/08/2018 04:55:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 20235





System errors:

=============

Error: (04/09/2018 05:52:59 PM) (Source: disk) (EventID: 7) (User: )

Description: \Device\Harddisk0\DR0 aygıtında bozuk bir blok oluştu.



Error: (04/09/2018 05:51:58 PM) (Source: disk) (EventID: 7) (User: )

Description: \Device\Harddisk0\DR0 aygıtında bozuk bir blok oluştu.



Error: (04/09/2018 05:51:50 PM) (Source: volsnap) (EventID: 14) (User: )

Description: C: biriminin gölge kopyaları D: birimindeki bir GÇ hatası nedeniyle iptal edildi.



Error: (04/09/2018 05:51:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: C: birimindeki dosya sistemi yapısında bir bozulma bulundu.



Bozulmanın tam yapısı bilinmiyor.  Dosya sistemi yapılarının çevrimiçi taranması gerekiyor.



Error: (04/09/2018 05:51:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: C: birimindeki dosya sistemi yapısında bir bozulma bulundu.



Bozulmanın tam yapısı bilinmiyor.  Dosya sistemi yapılarının çevrimiçi taranması gerekiyor.



Error: (04/09/2018 05:51:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: C: birimindeki dosya sistemi yapısında bir bozulma bulundu.



Bozulmanın tam yapısı bilinmiyor.  Dosya sistemi yapılarının çevrimiçi taranması gerekiyor.



Error: (04/09/2018 05:51:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: C: birimindeki dosya sistemi yapısında bir bozulma bulundu.



Bozulmanın tam yapısı bilinmiyor.  Dosya sistemi yapılarının çevrimiçi taranması gerekiyor.



Error: (04/09/2018 05:51:10 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)

Description: C: birimindeki dosya sistemi yapısında bir bozulma bulundu.



Bozulmanın tam yapısı bilinmiyor.  Dosya sistemi yapılarının çevrimiçi taranması gerekiyor.





Windows Defender:

===================================

Date: 2017-09-23 17:26:38.667

Description:

Windows Defender taraması tamamlanmadan durduruldu.

Tarama Kimliği: {B9051F93-0E96-4389-A472-9408AF79D73A}

Tarama Türü: Kötü Amaçlı Yazılımdan Koruma

Tarama Parametreleri: Hızlı Tarama

Kullanıcı: NT AUTHORITY\SYSTEM



Date: 2017-09-23 14:58:46.449

Description:

Windows Defender taraması tamamlanmadan durduruldu.

Tarama Kimliği: {4BC854B1-7E01-418B-A7A9-13313BCBF30B}

Tarama Türü: Kötü Amaçlı Yazılımdan Koruma

Tarama Parametreleri: Hızlı Tarama

Kullanıcı: NT AUTHORITY\SYSTEM



Date: 2017-09-23 12:04:08.667

Description:

Windows Defender taraması tamamlanmadan durduruldu.

Tarama Kimliği: {C19052CD-A4E5-497C-B3D8-21A28A20D6F2}

Tarama Türü: Kötü Amaçlı Yazılımdan Koruma

Tarama Parametreleri: Hızlı Tarama

Kullanıcı: NT AUTHORITY\SYSTEM



Date: 2017-09-23 11:11:03.535

Description:

Windows Defender taraması tamamlanmadan durduruldu.

Tarama Kimliği: {A790EFE4-A009-4C3D-A216-E89E3C20896D}

Tarama Türü: Kötü Amaçlı Yazılımdan Koruma

Tarama Parametreleri: Hızlı Tarama

Kullanıcı: NT AUTHORITY\SYSTEM



Date: 2017-09-23 10:57:04.331

Description:

Windows Defender taraması tamamlanmadan durduruldu.

Tarama Kimliği: {48E53829-75AB-45A0-BA46-9E15B6D2B6AB}

Tarama Türü: Kötü Amaçlı Yazılımdan Koruma

Tarama Parametreleri: Hızlı Tarama

Kullanıcı: NT AUTHORITY\SYSTEM



Date: 2017-09-22 23:46:25.074

Description:

Windows Defender imzaları güncelleştirmeye çalışırken bir hatayla karşılaştı.

Yeni İmza Sürümü:

Önceki İmza Sürümü: 117.12.0.0

Güncelleştirme Kaynağı: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi

İmza Türü: Ağ İnceleme Sistemi

Güncelleştirme Türü: Tam

Kullanıcı: NT AUTHORITY\NETWORK SERVICE

Geçerli Altyapı Sürümü:

Önceki Altyapı Sürümü: 2.1.13804.0

Hata kodu: 0x80072ee7

Hata açıklaması: Sunucu adı veya adresi çözümlenemedi



Date: 2017-09-22 23:46:25.064

Description:

Windows Defender imzaları güncelleştirmeye çalışırken bir hatayla karşılaştı.

Yeni İmza Sürümü:

Önceki İmza Sürümü: 1.251.1225.0

Güncelleştirme Kaynağı: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi

İmza Türü: Casus Yazılım Önleme

Güncelleştirme Türü: Tam

Kullanıcı: NT AUTHORITY\NETWORK SERVICE

Geçerli Altyapı Sürümü:

Önceki Altyapı Sürümü: 1.1.14104.0

Hata kodu: 0x80072ee7

Hata açıklaması: Sunucu adı veya adresi çözümlenemedi



Date: 2017-09-22 23:46:25.064

Description:

Windows Defender imzaları güncelleştirmeye çalışırken bir hatayla karşılaştı.

Yeni İmza Sürümü:

Önceki İmza Sürümü: 1.251.1225.0

Güncelleştirme Kaynağı: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi

İmza Türü: Virüsten Koruma

Güncelleştirme Türü: Tam

Kullanıcı: NT AUTHORITY\NETWORK SERVICE

Geçerli Altyapı Sürümü:

Önceki Altyapı Sürümü: 1.1.14104.0

Hata kodu: 0x80072ee7

Hata açıklaması: Sunucu adı veya adresi çözümlenemedi



Date: 2017-09-22 23:46:24.918

Description:

Windows Defender imzaları güncelleştirmeye çalışırken bir hatayla karşılaştı.

Yeni İmza Sürümü:

Önceki İmza Sürümü: 1.251.1225.0

Güncelleştirme Kaynağı: Microsoft Update Sunucusu

İmza Türü: Virüsten Koruma

Güncelleştirme Türü: Tam

Kullanıcı: NT AUTHORITY\SYSTEM

Geçerli Altyapı Sürümü:

Önceki Altyapı Sürümü: 1.1.14104.0

Hata kodu: 0x8024402c

Hata açıklaması: Güncelleştirmeler denetlenirken beklenmeyen bir sorun oluştu. Güncelleştirmeleri yüklemek veya güncelleştirme sorunlarını gidermek için Yardım ve Destek'e bakın.



Date: 2017-09-22 17:53:00.579

Description:

Windows Defender imzaları güncelleştirmeye çalışırken bir hatayla karşılaştı.

Yeni İmza Sürümü:

Önceki İmza Sürümü: 117.12.0.0

Güncelleştirme Kaynağı: Microsoft Kötü Amaçlı Yazılımdan Koruma Merkezi

İmza Türü: Ağ İnceleme Sistemi

Güncelleştirme Türü: Tam

Kullanıcı: NT AUTHORITY\NETWORK SERVICE

Geçerli Altyapı Sürümü:

Önceki Altyapı Sürümü: 2.1.13804.0

Hata kodu: 0x80072ee7

Hata açıklaması: Sunucu adı veya adresi çözümlenemedi



==================== Memory info ===========================



Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz

Percentage of memory in use: 30%

Total physical RAM: 16273.27 MB

Available physical RAM: 11297.86 MB

Total Virtual: 32657.27 MB

Available Virtual: 27291.65 MB



==================== Drives ================================



Drive c: () (Fixed) (Total:911.44 GB) (Free:498.32 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:18.86 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]



\\?\Volume{79ff3b31-71f2-4e69-b50b-b221e6e68a90}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS

\\?\Volume{0ee35ec7-0987-446f-b77c-2c691b7bbcb8}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS



==================== MBR & Partition Table ==================



========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 0D10199D)



Partition: GPT.



==================== End of Addition.txt ============================



Buda FRST



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018

Ran by Baykuş Official (administrator) on BAYKUSOFFICIAL (09-04-2018 17:49:49)

Running from C:\Users\Baykuş Official\Downloads

Loaded Profiles: Baykuş Official (Available Profiles: Baykuş Official)

Platform: Windows 8.1 Single Language (Update) (X64) Language: Türkçe (Türkiye)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials



==================== Processes (Whitelisted) =================



(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe

() C:\Program Files (x86)\NordVPN\nordvpn-service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

() C:\Windows\System32\valWBFPolicyService.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

() C:\Program Files (x86)\My WIFI Router\bmser.exe

(YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe

(YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(BitTorrent Inc.) C:\Users\Baykuş Official\AppData\Roaming\uTorrent\uTorrent.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(© 2015 Microsoft Corporation) C:\Users\Baykuş Official\AppData\Local\Microsoft\BingSvc\BingSvc.exe

(f.lux Software LLC) C:\Users\Baykuş Official\AppData\Local\FluxSoftware\Flux\flux.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(BitTorrent Inc.) C:\Users\Baykuş Official\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe

(BitTorrent Inc.) C:\Users\Baykuş Official\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe

(Spotify Ltd) C:\Users\Baykuş Official\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Yandex) C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\symerr.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\symerr.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



==================== Registry (Whitelisted) ===========================



(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)



HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2017-05-01] (IDT, Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17652344 2017-06-27] (Logitech Inc.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [My WIFI Router] => "C:\Program Files (x86)\My WIFI Router\My WIFI Router.exe"

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)

HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492096 2013-01-27] (CyberLink Corp.)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.9\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()

HKLM-x32\...\Winlogon: [Userinit] userinit.exe,

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1764080 2017-10-09] (Bogdan Sharkov)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\Office16\lync.exe [22616248 2018-02-14] (Microsoft Corporation)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Discord] => C:\Users\Baykuş Official\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [161336 2017-09-05] (BlueStack Systems, Inc.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Spotify] => C:\Users\Baykuş Official\AppData\Roaming\Spotify\Spotify.exe [21325200 2018-03-04] (Spotify Ltd)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1208648 2018-04-02] ()

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [uTorrent] => C:\Users\Baykuş Official\AppData\Roaming\uTorrent\uTorrent.exe [2148024 2018-02-28] (BitTorrent Inc.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [GoogleChromeAutoLaunch_BE603A42683D95E6BA576C145088D1F0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589592 2018-03-20] (Google Inc.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [15671472 2017-08-23] (NordVPN)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [BingSvc] => C:\Users\Baykuş Official\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [f.lux] => C:\Users\Baykuş Official\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [58899912 2018-02-02] (Skype Technologies S.A.)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Spotify Web Helper] => C:\Users\Baykuş Official\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-03-04] (Spotify Ltd)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [SyncManPath] => C:\Users\Baykuş Official\AppData\Roaming\Yandex\YandexDisk\YandexDisk.exe [23778296 2018-02-20] (Yandex)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [Browser Manager] => C:\Users\Baykuş Official\AppData\Local\Yandex\BrowserManager\MBLauncher.exe [129896 2018-04-07] (Yandex LLC)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Run: [ADVANCED SYSTEMCARE 10] => "C:\Users\BAYKUO~1\AppData\Local\Temp\Rar$EXa0.996\App\AdvancedSystemCare\ASCTray.exe" /auto <==== ATTENTION

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\RunOnce: [Application Restart #1] => C:\Users\Baykuş Official\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2466808 2018-02-20] (YANDEX LLC)

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\Policies\Explorer: [TaskbarNoNotification] 1

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {0a333a49-29b7-11e7-be86-84a6c8f44b14} - "F:\Setup.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {26cad000-7d25-11e7-beb1-84a6c8f44b14} - "G:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {5cc2da2b-21f9-11e7-be74-84a6c8f44b14} - "F:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {67c8aaeb-8fb4-11e7-beb9-84a6c8f44b14} - "F:\HiSuiteDownLoader.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {67c8ab45-8fb4-11e7-beb9-84a6c8f44b14} - "G:\HiSuiteDownLoader.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {67c8ab50-8fb4-11e7-beb9-84a6c8f44b14} - "G:\HiSuiteDownLoader.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {9e8fcecb-d695-11e7-bf4c-00e04c690582} - "F:\Setup.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {c147e00a-63e9-11e7-be9f-84a6c8f44b14} - "F:\HiSuiteDownLoader.exe"

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\...\MountPoints2: {d4d4e956-8fc2-11e7-beba-806e6f6e6963} - "G:\HiSuiteDownLoader.exe"

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171384 2017-06-28] (NVIDIA Corporation)

AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [171384 2017-06-28] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [149224 2017-06-28] (NVIDIA Corporation)

Startup: C:\Users\Baykuş Official\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-02-23]

ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Baykuş Official\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)



==================== Internet (Whitelisted) ====================



(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)



ProxyServer: [S-1-5-21-1999643376-2077949471-4288443404-1002] => 134.35.207.22:8080

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{3C0A3D19-80A1-4A09-9880-F7597D1A1DC0}: [DhcpNameServer] 192.168.1.1



Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL13/41

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/41

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yandex.com.tr/?win=309&clid=2255963

HKU\S-1-5-21-1999643376-2077949471-4288443404-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/41

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://tr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM -> {FD28264C-5469-4B05-BB83-770625228B9F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://tr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 -> {FD28264C-5469-4B05-BB83-770625228B9F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://tr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKU\S-1-5-21-1999643376-2077949471-4288443404-1002 -> {FD28264C-5469-4B05-BB83-770625228B9F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-02-14] (Microsoft Corporation)

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-19] (Oracle Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-19] (Oracle Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-02-14] (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)

BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2018-04-07] (IObit)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)



FireFox:

========

FF ProfilePath: C:\Users\Baykuş Official\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-12-01]

FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.yandex.com.tr/?win=297&clid=2226560

FF SearchPlugin: C:\Users\Baykuş Official\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.com.tr-20174204.xml [2017-09-04]

FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.1.32\coFFAddon

FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.1.32\coFFAddon [2018-04-08] [Legacy]

FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.1.32\coFFAddon

FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-19] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-19] (Oracle Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)

FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-06-07] ( HP)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-02-14] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: visualon.com/VisualOnBrowserPlugin -> C:\ProgramData\VisualOn\BrowserPlugin\npvoBrowserPlugin.dll [2016-11-29] ()



Chrome:

=======

CHR DefaultProfile: Profile 1

CHR HomePage: Profile 1 -> yandex.com.tr

CHR DefaultSearchURL: Profile 1 -> hxxps://yandex.com.tr/search/?__PARAM__from=chromesearch&text={searchTerms}

CHR DefaultSearchKeyword: Profile 1 -> yandex.com.tr

CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.yandex.net/suggest-ff.cgi?uil=com.tr&part={searchTerms}

CHR Profile: C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-04-09]

CHR Extension: (Norton Identity Safe) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\admmjipmmciaobhojoghlmleefbicajg [2018-04-05]

CHR Extension: (Flash Video Downloader) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-02-25]

CHR Extension: (Yandex) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhjcgomkanpkpblokebecknhahgkcmoo [2018-04-08]

CHR Extension: (Adblock Plus) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]

CHR Extension: (vidIQ for Chrome) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cppnjmdljhemhdachecffocboniemifa [2017-04-15]

CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-04-15]

CHR Extension: (Artıway) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fepmcbinlbgdkegnjjnpcclhcpbjcgoa [2018-01-30]

CHR Extension: (Ana sayfa — Yandex) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbjeiekahklbgbfccohipinhgaadijad [2017-09-04]

CHR Extension: (Yandex) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jdfonankhfnhihdcpaagpabbaoclnjfp [2018-04-08]

CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-04-07]

CHR Extension: (vidIQ Vision for YouTube) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2018-04-07]

CHR Extension: (Chrome Media Router) - C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]

CHR Profile: C:\Users\Baykuş Official\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-06]

CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2018-04-08]

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [BHJCGOMKANPKPBLOKEBECKNHAHGKCMOO] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2018-04-08]

CHR HKLM-x32\...\Chrome\Extension: [gbjeiekahklbgbfccohipinhgaadijad] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [JDFONANKHFNHIHDCPAAGPABBAOCLNJFP] - hxxp://clients2.google.com/service/update2/crx



Opera:

=======

OPR StartupUrls: "hxxps:\/\/www.yandex.com.tr\/?win=297&clid=2226560"



==================== Services (Whitelisted) ====================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-09-05] (BlueStack Systems, Inc.)

S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-05] (BlueStack Systems, Inc.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244752 2012-07-16] (CyberLink)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)

R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)

R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-27] (Logitech Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()

R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.3.13\NAV.exe [326160 2017-05-11] (Symantec Corporation)

R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [417456 2017-08-23] ()

S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1453384 2018-04-02] (Overwolf LTD)

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-07-02] ()

R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [103736 2017-07-02] ()

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)

S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)

R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] () [File not signed]

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-15] (Microsoft Corporation)

R2 WIFIGXENDHCPSER; C:\Program Files (x86)\My WIFI Router\bmser.exe [1656416 2014-04-23] ()

S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1673728 2017-05-15] (Microsoft Corporation) [File not signed]

R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe [1062392 2018-02-20] (YANDEX LLC)

S2 ADVANCEDSYSTEMCARESERVICE10; C:\Users\BAYKUO~1\AppData\Local\Temp\Rar$EXa0.996\App\AdvancedSystemCare\ASCService.exe [X] <==== ATTENTION

S3 Fax; %systemroot%\system32\fxssvc.exe [X]

S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000

S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

S3 WinDefend; "%ProgramFiles%\Windows Defender\MsMpEng.exe" [X]



===================== Drivers (Whitelisted) ======================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2016-08-31] (LG Electronics Inc.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)

S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)

S3 AppleUSBEthernet; C:\WINDOWS\system32\DRIVERS\AppleUSBEthernet.sys [50688 2017-04-15] (Apple Inc.) [File not signed]

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\BASHDefs\20180404.001\BHDrvx64.sys [1879632 2018-04-04] (Symantec Corporation)

S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )

R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1362232 2013-02-14] (Motorola Solutions, Inc.)

R1 ccSet_NAV; C:\WINDOWS\system32\drivers\NAVx64\1609030.00D\ccSetx64.sys [174232 2017-05-11] (Symantec Corporation)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2017-12-02] (Dev47Apps)

R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2017-12-02] (Windows (R) Win 7 DDK provider)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-27] (Disc Soft Ltd)

R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-27] (Disc Soft Ltd)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-04-07] (Symantec Corporation)

S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [25032 2018-01-17] ()

R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [20936 2017-11-23] (Windows (R) Codename Longhorn DDK provider)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153168 2018-04-08] (Symantec Corporation)

S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)

R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\IPSDefs\20180405.001_d81\IDSvia64.sys [1299024 2018-04-05] (Symantec Corporation)

R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)

R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)

R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-01-24] (Logitech Inc.)

S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3349984 2014-04-17] (Intel Corporation)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-28] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-28] (NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-28] (NVIDIA Corporation)

S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-14] (Realtek Semiconductor Corp.)

R3 RTLU3E8023-W8-64; C:\WINDOWS\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-11] (Realtek )

S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)

R3 SRTSP; C:\WINDOWS\System32\Drivers\NAVx64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)

R1 SRTSPX; C:\WINDOWS\system32\drivers\NAVx64\1609030.00D\SRTSPX64.SYS [49304 2017-05-11] (Symantec Corporation)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)

R0 SymEFASI; C:\WINDOWS\System32\drivers\NAVx64\1609030.00D\SYMEFASI64.SYS [1714328 2017-05-11] (Symantec Corporation)

S0 SymELAM; C:\WINDOWS\System32\drivers\NAVx64\1609030.00D\SymELAM.sys [24608 2017-05-11] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2018-04-08] (Symantec Corporation)

R1 SymIRON; C:\WINDOWS\system32\drivers\NAVx64\1609030.00D\Ironx64.SYS [291480 2017-05-11] (Symantec Corporation)

R3 SymNetS; C:\WINDOWS\System32\Drivers\NAVx64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)

S3 tapnordvpn; C:\WINDOWS\system32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)

S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2017-11-22] (Oracle Corporation)

R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [211704 2017-11-22] (Oracle Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-05-15] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-05-15] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-05-15] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]

S3 ALSysIO; \??\C:\Users\BAYKUO~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION

S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]

S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]

S3 Modem; system32\drivers\modem.sys [X]

S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20180407.002\ENG64.SYS [X]

S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.1.32\Definitions\SDSDefs\20180407.002\EX64.SYS [X]

S3 RdpVideoMiniport; System32\drivers\rdpvideominiport.sys [X]

S3 SerCx2; system32\drivers\SerCx2.sys [X]

S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]

S3 TsUsbFlt; system32\drivers\tsusbflt.sys [X]

S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]

S3 usbaudio; \SystemRoot\system32\drivers\usbaudio.sys [X]



==================== NetSvcs (Whitelisted) ===================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)





==================== One Month Created files and folders ========



(If an entry is included in the fixlist, the file/folder will be moved.)



Error(1) reading file: "C:\WINDOWS\SysWOW64\xpssvcs.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\xpsservices.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\XpsRasterService.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\XpsPrint.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\XpsFilt.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\XInput9_1_0.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\wwapi.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\w32tm.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\vssadmin.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\verclsid.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\timeout.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\takeown.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\systray.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\systeminfo.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\rgb9rast.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\pku2u.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\PerfStringBackup.INI"

Error(1) reading file: "C:\WINDOWS\SysWOW64\Fondue.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\fltMC.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\findstr.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\expand.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\eventvwr.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\EventViewer_EventDetails.xsl"

Error(1) reading file: "C:\WINDOWS\SysWOW64\EhStorAuthn.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\efsui.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\eapphost.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\eappgnui.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\eappcfg.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\eapp3hst.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\drvinst.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\driverquery.exe"

Error(1) reading file: "C:\WINDOWS\SysWOW64\CPFilters.dll"

Error(1) reading file: "C:\WINDOWS\SysWOW64\AppxProvisioning.xml"

Error(1) reading file: "C:\WINDOWS\system32\xwtpw32.dll"

Error(1) reading file: "C:\WINDOWS\system32\xpssvcs.dll"

Error(1) reading file: "C:\WINDOWS\system32\XInput9_1_0.dll"

Error(1) reading file: "C:\WINDOWS\system32\WwanRadioManager.dll"

Error(1) reading file: "C:\WINDOWS\system32\wwanprotdim.dll"

Error(1) reading file: "C:\WINDOWS\system32\Wwanpref.dll"

Error(1) reading file: "C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe"

Error(1) reading file: "C:\WINDOWS\system32\vssadmin.exe"

Error(1) reading file: "C:\WINDOWS\system32\timeout.exe"

Error(1) reading file: "C:\WINDOWS\system32\systray.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemSettingsRemoveDevice.exe"

Error(1) reading file: "C:\WINDOWS\system32\systemreset.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemPropertiesRemote.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemPropertiesProtection.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemPropertiesHardware.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe"

Error(1) reading file: "C:\WINDOWS\system32\SystemPropertiesComputerName.exe"

Error(1) reading file: "C:\WINDOWS\system32\systeminfo.exe"

Error(1) reading file: "C:\WINDOWS\system32\SysResetErr.exe"

Error(1) reading file: "C:\WINDOWS\system32\iisreset.exe"

Error(1) reading file: "C:\WINDOWS\system32\igfxcmrt64.dll"

Error(1) reading file: "C:\WINDOWS\system32\igfxcmjit64.dll"

Error(1) reading file: "C:\WINDOWS\system32\igfx11cmrt64.dll"

Error(1) reading file: "C:\WINDOWS\system32\igdmd64.dll"

Error(1) reading file: "C:\WINDOWS\system32\igdde64.dll"

Error(1) reading file: "C:\WINDOWS\system32\IccLibDll_x64.dll"

Error(1) reading file: "C:\WINDOWS\system32\FXSCOVER.exe"

Error(1) reading file: "C:\WINDOWS\system32\Fondue.exe"

Error(1) reading file: "C:\WINDOWS\system32\findstr.exe"

Error(1) reading file: "C:\WINDOWS\system32\EhStorAuthn.exe"

Error(1) reading file: "C:\WINDOWS\system32\efsui.exe"

Error(1) reading file: "C:\WINDOWS\system32\easinvoker.exe"

Error(1) reading file: "C:\WINDOWS\system32\eapp3hst.dll"

Error(1) reading file: "C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf"

Error(1) reading file: "C:\WINDOWS\system32\driverquery.exe"

Error(1) reading file: "C:\WINDOWS\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000002.regtrans-ms"

Error(1) reading file: "C:\WINDOWS\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000001.regtrans-ms"

Error(1) reading file: "C:\WINDOWS\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TM.blf"

Error(1) reading file: "C:\WINDOWS\system32\config\BCD-Template.LOG2"

Error(1) reading file: "C:\WINDOWS\diagwrn.xml"

Error(1) reading file: "C:\WINDOWS\diagerr.xml"

Error(1) reading file: "C:\WINDOWS\CoreSingleLanguage.xml"

Error(1) reading file: "C:\Users\Baykuş Official\AppData\Local\ElevatedDiagnostics"

2018-04-09 08:17 - 2018-04-09 08:16 - 124561194 _____ C:\Users\Baykuş Official\Desktop\9.Sınıf Tarih 2.Dönem 1.Yazılıya Hazırlık.mp4

2018-04-09 08:14 - 2018-04-09 08:16 - 124561194 _____ C:\Users\Baykuş Official\Downloads\9.Sınıf Tarih 2.Dönem 1.Yazılıya Hazırlık.mp4

2018-04-08 16:14 - 2018-04-08 16:14 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat

2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\Western Digital

2018-04-08 12:58 - 2018-04-08 12:58 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\NPE

2018-04-08 12:56 - 2018-04-08 12:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus

2018-04-08 12:50 - 2018-04-08 12:50 - 000002343 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk

2018-04-08 11:57 - 2018-04-08 22:27 - 000102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS

2018-04-08 11:57 - 2018-04-08 22:27 - 000008339 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT

2018-04-08 11:57 - 2018-04-08 11:57 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared

2018-04-08 11:50 - 2018-04-08 22:24 - 000000000 ____D C:\Program Files (x86)\Norton AntiVirus

2018-04-08 11:50 - 2018-04-08 12:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus

2018-04-08 11:43 - 2018-04-08 11:44 - 000494032 _____ C:\WINDOWS\Minidump\040818-54109-01.dmp

2018-04-07 22:47 - 2018-04-07 22:52 - 000067035 _____ C:\Users\Baykuş Official\Downloads\Addition.txt

2018-04-07 22:46 - 2018-04-09 17:50 - 000039939 _____ C:\Users\Baykuş Official\Downloads\FRST.txt

2018-04-07 22:46 - 2018-04-09 17:49 - 000000000 ____D C:\FRST

2018-04-07 22:45 - 2018-04-07 22:45 - 002403328 _____ (Farbar) C:\Users\Baykuş Official\Downloads\FRST64.exe

2018-04-07 18:04 - 2018-04-07 18:05 - 008540180 _____ C:\Users\Baykuş Official\Downloads\DiskInternals Partition Recovery 4.2.zip

2018-04-07 18:00 - 2018-04-07 18:00 - 000000000 ____D C:\Users\Baykuş Official\Documents\My Passport Emin

2018-04-07 17:25 - 2018-04-07 17:25 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals

2018-04-07 17:25 - 2018-04-07 17:25 - 000000000 ____D C:\Program Files (x86)\DiskInternals

2018-04-07 17:23 - 2018-04-07 17:23 - 000000000 ____D C:\ProgramData\SystemAcCrux

2018-04-07 17:23 - 2018-04-07 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.9

2018-04-07 17:23 - 2018-03-02 10:02 - 004622992 _____ C:\WINDOWS\system32\BootMan.exe

2018-04-07 17:23 - 2018-03-02 10:02 - 003291792 _____ C:\WINDOWS\SysWOW64\BootMan.exe

2018-04-07 17:23 - 2018-01-17 00:00 - 000025032 _____ C:\WINDOWS\system32\epmntdrv.sys

2018-04-07 17:23 - 2017-12-01 16:32 - 000131728 _____ C:\WINDOWS\system32\setupempdrvx64.exe

2018-04-07 17:23 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\EPMVolFlt.sys

2018-04-07 17:23 - 2017-11-23 11:47 - 000020936 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFlt.sys

2018-04-07 17:23 - 2016-07-11 10:01 - 000010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys

2018-04-07 17:23 - 2014-11-18 14:46 - 000021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll

2018-04-07 17:23 - 2014-11-18 14:46 - 000017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll

2018-04-07 17:22 - 2018-04-07 17:22 - 000000000 ____D C:\Program Files (x86)\EaseUS

2018-04-07 17:21 - 2018-04-07 17:24 - 026868860 _____ (DiskInternals Research) C:\Users\Baykuş Official\Downloads\Partition_Recovery.exe

2018-04-07 17:21 - 2018-04-07 17:22 - 040265376 _____ (EaseUS ) C:\Users\Baykuş Official\Downloads\epm_trial.exe

2018-04-07 17:11 - 2018-04-07 17:11 - 000000000 ____D C:\ProgramData\PCSettings

2018-04-07 16:53 - 2018-04-07 17:01 - 160975344 _____ (Symantec Corporation) C:\Users\Baykuş Official\Downloads\NAV-PPOEM-Def-22.7.1.32.exe

2018-04-07 16:28 - 2018-04-07 16:28 - 000010788 _____ C:\Users\Baykuş Official\Downloads\osbaseln.zip

2018-04-07 16:25 - 2018-04-07 16:25 - 000003116 _____ C:\WINDOWS\System32\Tasks\ASC10_PerformanceMonitor

2018-04-07 16:25 - 2018-04-07 16:25 - 000002920 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_Baykuş Official

2018-04-07 16:06 - 2018-04-07 16:07 - 019622423 _____ C:\Users\Baykuş Official\Downloads\testdisk-7.1-WIP.win.zip

2018-04-07 15:52 - 2018-04-07 15:54 - 072543680 _____ (Malwarebytes ) C:\Users\Baykuş Official\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4638.exe

2018-04-07 13:09 - 2018-04-09 17:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation

2018-04-02 20:58 - 2018-04-02 20:58 - 000000000 ____D C:\Users\Baykuş Official\Desktop\Yeni klasör (8)

2018-04-02 17:40 - 2018-04-02 17:40 - 000000000 __SHD C:\found.001

2018-04-01 23:13 - 2018-04-01 23:13 - 002521687 _____ C:\Users\Baykuş Official\Downloads\Çıplak Camdan Sarktı, Feci Şekilde Can Verdi!.mp4

2018-03-25 18:38 - 2018-03-25 18:36 - 000499476 _____ C:\Users\Baykuş Official\Desktop\Universal_Repeater_Ayarlari.pdf

2018-03-25 13:34 - 2018-03-25 13:34 - 000000000 __SHD C:\found.000

2018-03-25 00:17 - 2018-03-25 00:18 - 011041621 _____ C:\Users\Baykuş Official\Downloads\optimizilla (1).zip

2018-03-24 23:48 - 2018-03-25 00:22 - 000000000 ____D C:\Users\Baykuş Official\Desktop\Yeni klasör (6)

2018-03-20 17:30 - 2018-03-20 18:01 - 000000000 ____D C:\Users\Baykuş Official\Desktop\20.3.2018

2018-03-18 18:39 - 2018-03-18 18:41 - 104610656 ____R (obsproject.com) C:\Users\Baykuş Official\Downloads\OBS-Studio-21.0.1-Full-Installer.exe

2018-03-18 18:38 - 2018-03-18 18:38 - 000032262 _____ C:\Users\Baykuş Official\Downloads\OBS-Studio-21.0.1-Full-Installer.exe.torrent

2018-03-18 18:35 - 2018-03-18 18:39 - 000000000 ____D C:\Program Files (x86)\Quick Screen Recorder

2018-03-18 18:35 - 2018-03-18 18:35 - 000589918 _____ C:\Users\Baykuş Official\Downloads\qsr.exe

2018-03-18 18:35 - 2018-03-18 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Screen Recorder

2018-03-18 18:02 - 2018-03-18 18:02 - 000184573 _____ C:\Users\Baykuş Official\Downloads\Adsiz__17_ (2).wma

2018-03-18 17:59 - 2018-03-18 17:59 - 000184573 _____ C:\Users\Baykuş Official\Downloads\Adsiz__17_ (1).wma

2018-03-16 15:09 - 2018-03-02 21:55 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2018-03-16 15:09 - 2018-03-02 21:55 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2018-03-15 21:34 - 2018-03-15 21:31 - 002567094 _____ C:\Users\Baykuş Official\Desktop\ilovepdf_merged.compressed.pdf

2018-03-15 08:24 - 2018-03-15 08:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2018-03-15 08:19 - 2018-03-15 08:19 - 002996165 _____ C:\Users\Baykuş Official\Downloads\Liste (2).pdf

2018-03-15 08:16 - 2018-03-15 08:16 - 002996165 _____ C:\Users\Baykuş Official\Downloads\Liste (1).pdf

2018-03-15 08:15 - 2018-03-15 08:15 - 002996165 _____ C:\Users\Baykuş Official\Downloads\Liste.pdf

2018-03-15 08:05 - 2018-03-15 08:05 - 002996165 _____ C:\Users\Baykuş Official\Desktop\merged.compressed.pdf

2018-03-15 08:04 - 2018-03-15 08:05 - 045404304 _____ C:\Users\Baykuş Official\Downloads\merged.pdf

2018-03-15 00:57 - 2018-03-15 00:57 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\Free_PDF_Solutions

2018-03-15 00:53 - 2018-03-15 19:08 - 000000000 ____D C:\Users\Baykuş Official\Desktop\Yeni klasör (7)

2018-03-15 00:46 - 2018-03-15 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PNG to PDF Converter

2018-03-15 00:46 - 2018-03-15 00:46 - 000000000 ____D C:\Program Files (x86)\Free PDF Solutions

2018-03-15 00:34 - 2018-03-15 00:34 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\Free PDF Solutions

2018-03-15 00:31 - 2018-03-15 00:32 - 018236928 _____ (Free PDF Solutions) C:\Users\Baykuş Official\Downloads\pngtopdf_setup.exe

2018-03-15 00:11 - 2018-03-15 00:11 - 027075873 _____ C:\Users\Baykuş Official\Downloads\png2pdf.pdf

2018-03-14 22:05 - 2018-03-14 22:05 - 000001067 _____ C:\Users\Public\Desktop\Tivibu - İndir İzle.lnk

2018-03-14 21:53 - 2018-03-14 21:55 - 033484936 _____ (TTNET ) C:\Users\Baykuş Official\Downloads\tivibusetup.exe

2018-03-14 18:05 - 2018-03-15 00:57 - 000000455 _____ C:\Users\Baykuş Official\Desktop\Yeni Metin Belgesi (4).txt

2018-03-14 16:15 - 2018-02-15 00:45 - 000145024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2018-03-14 16:15 - 2018-02-13 17:20 - 001994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2018-03-14 16:15 - 2018-02-13 17:20 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2018-03-14 16:15 - 2018-02-13 17:20 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2018-03-14 16:14 - 2018-03-03 10:24 - 007407960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2018-03-14 16:14 - 2018-02-18 23:53 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2018-03-14 16:14 - 2018-02-16 18:45 - 025742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2018-03-14 16:14 - 2018-02-16 18:44 - 013678080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2018-03-14 16:14 - 2018-02-16 18:19 - 020286976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2018-03-14 16:14 - 2018-02-15 18:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2018-03-14 16:14 - 2018-02-15 17:57 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2018-03-14 16:14 - 2018-02-10 22:29 - 000274272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2018-03-14 16:14 - 2018-02-10 22:25 - 000533856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2018-03-14 16:14 - 2018-02-10 22:08 - 001307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2018-03-14 16:14 - 2018-02-10 22:06 - 000356184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys

2018-03-14 16:14 - 2018-02-10 20:40 - 002901504 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2018-03-14 16:14 - 2018-02-10 20:37 - 005779968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2018-03-14 16:14 - 2018-02-10 20:27 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2018-03-14 16:14 - 2018-02-10 20:10 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2018-03-14 16:14 - 2018-02-10 20:09 - 003757056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll

2018-03-14 16:14 - 2018-02-10 20:06 - 002295296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2018-03-14 16:14 - 2018-02-10 20:00 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2018-03-14 16:14 - 2018-02-10 19:57 - 015281664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2018-03-14 16:14 - 2018-02-10 19:50 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2018-03-14 16:14 - 2018-02-10 19:46 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll

2018-03-14 16:14 - 2018-02-10 19:40 - 004496384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2018-03-14 16:14 - 2018-02-10 19:33 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2018-03-14 16:14 - 2018-02-10 19:23 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2018-03-14 16:14 - 2018-02-10 19:11 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2018-03-14 16:14 - 2018-02-08 20:37 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2018-03-14 16:14 - 2018-02-08 19:57 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2018-03-14 16:14 - 2018-02-02 23:42 - 003320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2018-03-14 16:14 - 2018-02-02 22:24 - 003610112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2018-03-14 16:14 - 2018-01-26 22:04 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2018-03-14 16:14 - 2018-01-12 21:18 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll

2018-03-14 16:14 - 2018-01-12 20:26 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll

2018-03-14 16:14 - 2018-01-11 21:28 - 001562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe

2018-03-14 16:14 - 2018-01-11 21:19 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll

2018-03-14 16:14 - 2018-01-11 20:55 - 002003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe

2018-03-14 16:14 - 2018-01-11 20:42 - 002923520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll

2018-03-14 16:14 - 2018-01-11 20:13 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2018-03-14 16:14 - 2018-01-09 08:35 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2018-03-14 16:14 - 2018-01-09 08:19 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2018-03-14 16:14 - 2018-01-09 08:09 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2018-03-14 16:14 - 2018-01-09 07:59 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2018-03-14 16:14 - 2018-01-09 07:46 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2018-03-14 16:13 - 2018-03-03 10:24 - 000419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2018-03-14 16:13 - 2018-03-03 10:11 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2018-03-14 16:13 - 2018-03-03 10:11 - 001676064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2018-03-14 16:13 - 2018-03-03 10:11 - 001536120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2018-03-14 16:13 - 2018-03-03 10:11 - 001500432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2018-03-14 16:13 - 2018-03-03 10:11 - 001371352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2018-03-14 16:13 - 2018-03-03 08:23 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll

2018-03-14 16:13 - 2018-03-03 08:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll

2018-03-14 16:13 - 2018-02-16 18:51 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2018-03-14 16:13 - 2018-02-16 18:51 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2018-03-14 16:13 - 2018-02-16 18:28 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2018-03-14 16:13 - 2018-02-16 18:24 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2018-03-14 16:13 - 2018-02-16 18:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2018-03-14 16:13 - 2018-02-16 17:37 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2018-03-14 16:13 - 2018-02-16 17:37 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2018-03-14 16:13 - 2018-02-10 23:24 - 000178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2018-03-14 16:13 - 2018-02-10 22:29 - 000124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS

2018-03-14 16:13 - 2018-02-10 22:29 - 000065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS

2018-03-14 16:13 - 2018-02-10 22:29 - 000062304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys

2018-03-14 16:13 - 2018-02-10 22:29 - 000021856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys

2018-03-14 16:13 - 2018-02-10 22:29 - 000017240 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys

2018-03-14 16:13 - 2018-02-10 20:50 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2018-03-14 16:13 - 2018-02-10 20:40 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2018-03-14 16:13 - 2018-02-10 20:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll

2018-03-14 16:13 - 2018-02-10 20:20 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2018-03-14 16:13 - 2018-02-10 20:03 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2018-03-14 16:13 - 2018-02-10 20:01 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe

2018-03-14 16:13 - 2018-02-10 19:59 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll

2018-03-14 16:13 - 2018-02-10 19:58 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2018-03-14 16:13 - 2018-02-10 19:54 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2018-03-14 16:13 - 2018-02-10 19:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2018-03-14 16:13 - 2018-02-10 19:50 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2018-03-14 16:13 - 2018-02-10 19:48 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2018-03-14 16:13 - 2018-02-10 19:47 - 002134016 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2018-03-14 16:13 - 2018-02-10 19:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll

2018-03-14 16:13 - 2018-02-10 19:43 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll

2018-03-14 16:13 - 2018-02-10 19:39 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2018-03-14 16:13 - 2018-02-10 19:35 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2018-03-14 16:13 - 2018-02-10 19:34 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2018-03-14 16:13 - 2018-02-10 19:34 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2018-03-14 16:13 - 2018-02-10 19:33 - 002058240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2018-03-14 16:13 - 2018-02-10 19:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll

2018-03-14 16:13 - 2018-02-10 19:29 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll

2018-03-14 16:13 - 2018-02-10 19:12 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2018-03-14 16:13 - 2018-02-10 19:09 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2018-03-14 16:13 - 2018-01-11 21:39 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll

2018-03-14 16:13 - 2018-01-11 21:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll

2018-03-14 16:13 - 2018-01-11 21:34 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll

2018-03-14 16:13 - 2018-01-11 21:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll

2018-03-14 16:13 - 2018-01-11 21:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll

2018-03-14 16:13 - 2018-01-11 21:04 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll

2018-03-14 16:13 - 2018-01-10 17:48 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2018-03-14 16:13 - 2018-01-09 10:04 - 000276312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2018-03-14 16:13 - 2018-01-09 09:09 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll

2018-03-14 16:13 - 2018-01-09 09:06 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll

2018-03-14 16:13 - 2018-01-09 08:35 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll

2018-03-14 16:13 - 2018-01-09 08:32 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll

2018-03-14 16:13 - 2018-01-09 08:29 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll

2018-03-14 16:13 - 2018-01-09 08:05 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll

2018-03-14 16:13 - 2018-01-09 07:49 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll

2018-03-14 16:13 - 2018-01-09 07:39 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll

2018-03-14 15:05 - 2018-03-14 15:05 - 000000000 ____D C:\Users\Baykuş Official\Desktop\Liste

2018-03-13 18:00 - 2018-03-13 18:00 - 000011267 _____ C:\Users\Baykuş Official\Desktop\Ürünler Liste.xlsx

2018-03-13 18:00 - 2018-03-13 18:00 - 000000165 ____H C:\Users\Baykuş Official\Desktop\~$Ürünler Liste.xlsx

2018-03-12 22:57 - 2018-03-12 22:57 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.Disk

2018-03-11 18:15 - 2018-03-11 18:15 - 000000000 _____ C:\Users\Baykuş Official\Desktop\Yeni Metin Belgesi (2).txt

2018-03-11 16:35 - 2018-03-11 16:35 - 000190005 _____ C:\Users\Baykuş Official\Downloads\WhatsApp Image 2018-03-11 at 16.34.00.jpeg

2018-03-11 01:43 - 2018-03-11 01:43 - 000006617 _____ C:\Users\Baykuş Official\Desktop\Yeni Microsoft Excel Çalışma Sayfası.xlsx

2018-03-11 01:43 - 2018-03-11 01:43 - 000000165 ____H C:\Users\Baykuş Official\Desktop\~$Yeni Microsoft Excel Çalışma Sayfası.xlsx

2018-03-10 23:09 - 2018-03-10 23:09 - 001413058 _____ C:\Users\Baykuş Official\Downloads\optimizilla.zip

2018-03-10 21:04 - 2018-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies

2018-03-10 18:56 - 2018-03-10 21:06 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\PAYDAY 2

2018-03-10 16:22 - 2018-03-10 16:29 - 028099415 _____ C:\Users\Baykuş Official\Downloads\41517_youplay-324.zip

2018-03-10 00:16 - 2018-03-10 00:16 - 000000000 _____ C:\Users\Baykuş Official\Desktop\Yeni Metin Belgesi.txt



==================== One Month Modified files and folders ========



(If an entry is included in the fixlist, the file/folder will be moved.)



2018-04-09 17:48 - 2017-07-29 23:12 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\uTorrent

2018-04-09 17:44 - 2017-09-04 11:44 - 000000498 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс.job

2018-04-09 17:43 - 2017-09-04 11:43 - 000000504 _____ C:\WINDOWS\Tasks\Yandex Browser'ın sistem güncellemesi.job

2018-04-09 17:43 - 2017-09-04 11:43 - 000000500 _____ C:\WINDOWS\Tasks\Yandex Browser güncellemesi.job

2018-04-09 17:24 - 2017-04-15 19:38 - 000000000 ____D C:\Users\Baykuş Official\AppData\LocalLow\AuthenTec

2018-04-09 17:22 - 2017-05-21 22:20 - 000004020 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{554B09F2-60A1-4B06-8CC6-67A059C4FCCA}

2018-04-09 17:21 - 2017-04-15 18:16 - 000000000 ____D C:\ProgramData\NVIDIA

2018-04-08 23:16 - 2017-04-15 18:32 - 000000000 ____D C:\Program Files (x86)\HP SimplePass

2018-04-08 22:24 - 2017-09-23 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\NAVx64

2018-04-08 22:13 - 2014-11-22 02:08 - 001912418 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-04-08 22:13 - 2014-11-22 01:28 - 000784246 _____ C:\WINDOWS\system32\perfh01F.dat

2018-04-08 22:13 - 2014-11-22 01:28 - 000177808 _____ C:\WINDOWS\system32\perfc01F.dat

2018-04-08 22:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\Inf

2018-04-08 16:48 - 2017-04-15 19:44 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1999643376-2077949471-4288443404-1002

2018-04-08 16:30 - 2017-09-04 11:41 - 000000000 ___RD C:\Users\Baykuş Official\YandexDisk

2018-04-08 16:29 - 2018-02-28 01:49 - 000000000 ____D C:\Users\Baykuş Official\AppData\LocalLow\uTorrent

2018-04-08 16:29 - 2017-05-15 21:38 - 000000000 __SHD C:\Users\Baykuş Official\IntelGraphicsProfiles

2018-04-08 16:12 - 2017-05-15 17:00 - 000000000 ____D C:\Users\Baykuş Official

2018-04-08 16:12 - 2013-08-22 17:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-04-08 16:11 - 2012-07-26 11:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2018-04-08 14:23 - 2017-12-09 23:00 - 000000000 ____D C:\Users\Baykuş Official\.VirtualBox

2018-04-08 12:44 - 2013-08-22 16:25 - 001310720 ___SH C:\WINDOWS\system32\config\BBI

2018-04-08 12:43 - 2013-08-22 16:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM

2018-04-08 11:50 - 2017-04-15 18:39 - 000000000 ____D C:\ProgramData\Norton

2018-04-08 11:48 - 2017-09-23 20:23 - 000000000 ____D C:\Program Files (x86)\NortonInstaller

2018-04-08 11:43 - 2017-11-20 17:33 - 000000000 ____D C:\WINDOWS\Minidump

2018-04-08 11:43 - 2017-11-20 17:32 - 1200677524 _____ C:\WINDOWS\MEMORY.DMP

2018-04-07 18:17 - 2017-04-16 19:16 - 000000000 ____D C:\ProgramData\Malwarebytes

2018-04-07 17:11 - 2017-09-23 20:23 - 000000000 ____D C:\ProgramData\NortonInstaller

2018-04-07 16:30 - 2017-04-27 15:17 - 000000000 ____D C:\Program Files (x86)\Mount&Blade Warband

2018-04-07 15:58 - 2017-04-15 20:19 - 000000000 ____D C:\Program Files (x86)\Steam

2018-04-06 22:12 - 2017-04-20 02:00 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\CrashDumps

2018-04-06 21:50 - 2017-09-01 19:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2018-04-06 20:13 - 2017-07-04 16:13 - 000000000 ____D C:\Users\Baykuş Official\AppData\LocalLow\Mozilla

2018-04-06 20:12 - 2017-09-10 22:02 - 000000000 ____D C:\ProgramData\BlueStacksSetup

2018-04-03 23:34 - 2013-08-22 18:36 - 000000000 ____D C:\WINDOWS\system32\NDF

2018-04-03 00:16 - 2017-07-12 00:14 - 000000000 ____D C:\Program Files (x86)\Overwolf

2018-03-30 14:01 - 2017-07-20 22:44 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\vlc

2018-03-24 21:11 - 2017-05-19 20:48 - 000000000 ____D C:\Program Files\Rockstar Games

2018-03-24 21:11 - 2017-05-19 20:48 - 000000000 ____D C:\Program Files (x86)\Rockstar Games

2018-03-23 00:36 - 2017-04-15 20:14 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-03-23 00:36 - 2017-04-15 20:14 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2018-03-20 19:56 - 2017-04-19 01:46 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\Tivibu

2018-03-18 18:48 - 2017-07-01 15:58 - 000000000 ____D C:\Users\Baykuş Official\AppData\Roaming\obs-studio

2018-03-18 18:47 - 2017-10-01 21:12 - 000001224 _____ C:\Users\Public\Desktop\OBS Studio.lnk

2018-03-18 18:47 - 2017-10-01 21:12 - 000000000 ____D C:\Program Files (x86)\obs-studio

2018-03-18 18:47 - 2017-07-01 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

2018-03-18 18:34 - 2017-06-15 00:10 - 000000000 ____D C:\Users\Baykuş Official\Documents\Bandicam

2018-03-16 23:26 - 2017-08-23 16:23 - 000000000 ____D C:\Program Files (x86)\BlueStacks

2018-03-16 20:06 - 2013-08-22 18:36 - 000000000 ____D C:\WINDOWS\rescache

2018-03-16 17:18 - 2017-04-15 19:38 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\Packages

2018-03-16 15:06 - 2013-08-22 17:44 - 005129528 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-03-16 14:54 - 2017-05-19 21:49 - 000000000 ____D C:\WINDOWS\system32\appraiser

2018-03-16 14:54 - 2013-08-22 18:36 - 000000000 ___RD C:\WINDOWS\ToastData

2018-03-15 16:49 - 2012-07-26 10:59 - 000000000 ____D C:\WINDOWS\CbsTemp

2018-03-15 08:30 - 2012-07-26 08:26 - 000000167 _____ C:\WINDOWS\win.ini

2018-03-15 08:21 - 2017-04-16 20:38 - 000000000 ____D C:\WINDOWS\system32\MRT

2018-03-15 08:17 - 2017-10-12 00:11 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2018-03-15 08:17 - 2017-04-16 20:38 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2018-03-14 23:58 - 2017-04-19 13:43 - 000000132 _____ C:\Users\Baykuş Official\AppData\Roaming\Adobe PNG Format CS6 Prefs

2018-03-14 22:05 - 2017-04-19 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivibu

2018-03-14 22:05 - 2017-04-19 21:21 - 000000000 ____D C:\Program Files (x86)\Tivibu

2018-03-14 17:38 - 2018-01-27 13:49 - 000000000 ____D C:\Users\Baykuş Official\Desktop\Satılık Ürünler

2018-03-13 23:10 - 2017-11-19 01:00 - 000004490 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2018-03-13 23:10 - 2017-11-19 01:00 - 000004308 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2018-03-13 23:10 - 2013-08-22 18:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2018-03-13 23:10 - 2013-08-22 18:36 - 000000000 ____D C:\WINDOWS\system32\Macromed

2018-03-13 19:08 - 2017-04-18 13:40 - 000000000 ____D C:\Users\Baykuş Official\AppData\Local\Microsoft Help

2018-03-13 17:36 - 2012-07-26 11:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2018-03-10 21:01 - 2017-04-15 20:39 - 000000000 ____D C:\ProgramData\Package Cache

2018-03-10 14:41 - 2017-04-19 01:22 - 000000000 ____D C:\Program Files\Common Files\AV



==================== Files in the root of some directories =======



2017-04-19 13:43 - 2018-03-14 23:58 - 000000132 _____ () C:\Users\Baykuş Official\AppData\Roaming\Adobe PNG Format CS6 Prefs

2017-04-19 02:12 - 2017-04-19 02:12 - 000001456 _____ () C:\Users\Baykuş Official\AppData\Local\Adobe Gem til web 13.0 Prefs

2017-09-29 17:17 - 2017-09-29 17:17 - 000000000 _____ () C:\Users\Baykuş Official\AppData\Local\{B3C6495C-01FB-456C-A3BC-AE20D4F8423E}



==================== Bamital & volsnap ======================



(There is no automatic fix for files that do not pass verification.)



C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe IS MISSING <==== ATTENTION

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



LastRegBack: 2018-04-08 16:48



==================== End of FRST.txt ============================

Boztepe · 9 Nisan 2018

Logu inceleyip önerilerimi yazacağım. Biraz zaman alır.

eminilhan · 9 Nisan 2018

Peki ben beklemedeyim. Bu logların harddiskle bir ilgisi var mı ?

Boztepe · 9 Nisan 2018

Arkadaşım,şimdi olup biteni ayrıntılı yazarak zaman kaybetmeyelim. Kısaca; izin ve disk sorunlarınız var. Loglara yansıyan hatalardan da görülüyor zaten. Doğrudan yapılacaklara geçelim.

C:\Program Files (x86)\IObit
IObit\IObit Uninstaller,AdvancedSystemCare,Surfing Protection

IObit yazılımlarını ve klasörünü FreerevoUninstaller ile öncelikle kaldırmanız gerekiyor.

=============================================

İşletim sisteminizi güncelleyin. Bu konuda bilgilendirme yapın.

==================================================

Aşağıdaki işlemi yapın;

Güvenlik yazılımlarınızı (Norton + Windows firewall) geçici olarak kapatın.

Wikisend.com adresine yüklediğim Fixlist dosyasını masaüstüne indirin.
Wikisend: free file sharing service

Farbar yazılımınız da masaüstünde olsun.

Farbar yazılımına sağ tıklayıp yönetici olarak çalıştır deyin.

FİX butonuna sadece bir kez basın. İşlemlerin bitmesini bekleyin.........

İşlemler bittiğinde masaüstünde Fixlog dosyası oluşacaktır. O dosyayı wikisend.com sitesine upload ederek adresini paylaşın. (Sayfalarda log kalabalığı yapmayalım.)

Ayrıca işleme, sfc /scannow komutu ekledim. Dosya sisteminizde onarma yapmaya çalışacaktır. Sistemi yeniden başlatmak için izin isteyebilir ve sistem taraması yapabilir. Bilginiz olsun.

eminilhan · 9 Nisan 2018

Boztepe dedi:
Arkadaşım,şimdi olup biteni ayrıntılı yazarak zaman kaybetmeyelim. Kısaca; izin ve disk sorunlarınız var. Loglara yansıyan hatalardan da görülüyor zaten. Doğrudan yapılacaklara geçelim.

C:\Program Files (x86)\IObit
IObit\IObit Uninstaller,AdvancedSystemCare,Surfing Protection

IObit yazılımlarını ve klasörünü FreerevoUninstaller ile öncelikle kaldırmanız gerekiyor.

=============================================

İşletim sisteminizi güncelleyin. Bu konuda bilgilendirme yapın.

==================================================

Aşağıdaki işlemi yapın;

Güvenlik yazılımlarınızı (Norton + Windows firewall) geçici olarak kapatın.

Wikisend.com adresine yüklediğim Fixlist dosyasını masaüstüne indirin.
Wikisend: free file sharing service

Farbar yazılımınız da masaüstünde olsun.

Farbar yazılımına sağ tıklayıp yönetici olarak çalıştır deyin.

FİX butonuna sadece bir kez basın. İşlemlerin bitmesini bekleyin.........

İşlemler bittiğinde masaüstünde Fixlog dosyası oluşacaktır. O dosyayı wikisend.com sitesine upload ederek adresini paylaşın. (Sayfalarda log kalabalığı yapmayalım.)

Ayrıca işleme, sfc /scannow komutu ekledim. Dosya sisteminizde onarma yapmaya çalışacaktır. Sistemi yeniden başlatmak için izin isteyebilir ve sistem taraması yapabilir. Bilginiz olsun.

Müsait olur olmaz işlemleri yapacağım. Burada ki işlemlerin sonunda, harddiskte ki sorun hallolunacak mı ? Harddisk'in harici olduğunu belirttim mi hatırlamıyorum. Harici Harddiskte bir problem var.

Boztepe · 9 Nisan 2018

eminilhan dedi:
Müsait olur olmaz işlemleri yapacağım. Burada ki işlemlerin sonunda, harddiskte ki sorun hallolunacak mı ? Harddisk'in harici olduğunu belirttim mi hatırlamıyorum. Harici Harddiskte bir problem var.

Harici diskinizi de sistemde daima takılı olsun. Zarar verecek işlem yapmayız merak etme. Burada herkes bir birine yardımcı olmaya çalışıyor. Hiç bir şeyin garantisini de veremeyiz. Biz yapılması gerekenleri öncelikle yapmaya çalışalım. Bulanık suda balık avlamaya çalışmıyoruz. Loglardaki sorunlara göre işlem yapıyoruz.

eminilhan · 9 Nisan 2018

Boztepe dedi:
Harici diskinizi de sistemde daima takılı olsun. Zarar verecek işlem yapmayız merak etme. Burada herkes bir birine yardımcı olmaya çalışıyor. Hiç bir şeyin garantisini de veremeyiz. Biz yapılması gerekenleri öncelikle yapmaya çalışalım. Bulanık suda balık avlamaya çalışmıyoruz. Loglardaki sorunlara göre işlem yapıyoruz.

Ben az önce dediğiniz programdan, IOBIT Programlarını kaldırmayı denedim ama kaldırma tuşu çalışmıyor. Program ve Özellikler bölümüne de girilmiyor. Sadece fix işini yaptım fakat onu yaparken harici disk takılı değildi bilmiyordum. Acaba ne yapsam şuanda ?

Mesaj otomatik birleştirildi: 9 Nisan 2018

Boztepe dedi:
Harici diskinizi de sistemde daima takılı olsun. Zarar verecek işlem yapmayız merak etme. Burada herkes bir birine yardımcı olmaya çalışıyor. Hiç bir şeyin garantisini de veremeyiz. Biz yapılması gerekenleri öncelikle yapmaya çalışalım. Bulanık suda balık avlamaya çalışmıyoruz. Loglardaki sorunlara göre işlem yapıyoruz.

Buda Fixlog Wikisend: free file sharing service

Boztepe · 9 Nisan 2018

Harici disk takılı iken işlemleri tekrar yapabilirsiniz..

Sonra sistemi kontrol edin herhangi bir değişik durum var mı ? Ayrıca sistem sfc /scannow yaptı mı ? Sonuc logunu bulabilirsen gönder.

Düzeltme:
sfc /scannow yapılmış ama başarısız olmuş.

Windows Resource Protection could not start the repair service.
-----Windows Kaynak Koruması onarım hizmetini başlatamadı.

eminilhan · 9 Nisan 2018

Boztepe dedi:
Harici disk takılı iken işlemleri tekrar yapabilirsiniz..

Sonra sistemi kontrol edin herhangi bir değişik durum var mı ? Ayrıca sistem sfc /scannow yaptı mı ? Sonuc logunu bulabilirsen gönder.

Sonuç logunu yukarıda en altta yazdım. Linki var. Tekrar vereyim genede. Wikisend: free file sharing service

Mesaj otomatik birleştirildi: 10 Nisan 2018

Boztepe dedi:
Harici disk takılı iken işlemleri tekrar yapabilirsiniz..

Sonra sistemi kontrol edin herhangi bir değişik durum var mı ? Ayrıca sistem sfc /scannow yaptı mı ? Sonuc logunu bulabilirsen gönder.

Ya aslında ben sizden şöyle bir yardım istesem daha makbule geçer. Siz bana şu harici diskleri kurtarmamda yardım ederseniz, ben yedekleri alıp bilgisayara fabrikadan gelen recovery diskleriyle, kökten bir sıfırlama atayım, problem falan kalmaz.

Boztepe · 10 Nisan 2018

eminilhan dedi:
Sonuç logunu yukarıda en altta yazdım. Linki var. Tekrar vereyim genede. Wikisend: free file sharing service

Logu gördüm. daha önceki mesajımda düzeltme yaptım. sfc /scannow yapılmış ama başarısız olmuş.

Mesaj otomatik birleştirildi: 10 Nisan 2018

Ya aslında ben sizden şöyle bir yardım istesem daha makbule geçer. Siz bana şu harici diskleri kurtarmamda yardım ederseniz, ben yedekleri alıp bilgisayara fabrikadan gelen recovery diskleriyle, kökten bir sıfırlama atayım, problem falan kalmaz.

Bunun için çalışıyoruz. !!
Siz istiyorsunuz ki 2 adımda şip şak işi çözelim. Öyle bir çözüm yok. Varsa da ben bilmiyorum. Dünyada sorunlar böyle çözülüyor. Sorunlar araştırılıp çözülmeye çalışılıyor. Mücadele ve araştırma var.

Devam etmek istiyor musunuz ? Veya ben bu sorunu kısa yoldan çözerim diyen bir bilen varsa konuya müdahil olabilir.

Bilgisayara Bulaşan Virüs

Ayrıntılı düzenleme

eminilhan

Megapat

Boztepe

Hectopat

eminilhan

Megapat

Boztepe

Hectopat

eminilhan

Megapat

Boztepe

Hectopat

eminilhan

Megapat

Boztepe

Hectopat

eminilhan

Megapat

Boztepe

Hectopat

Benzer konular

Technopat Haberler

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz