Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 07.06.2021, 19:19   #1
amorte
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.



Hallo,

seit einiger Zeit lief mein PC langsamer als gewöhnlich. Deshalb habe ich gestern mein PC mit Kaspersky untersuchen lassen. Es wurde ein Virus gefunden, wahrscheinlich von einem Texturepack für ein Online-Game. Ich habe mein PC formatiert und möchte sichergehen, dass sich keine Viren mehr darauf befinden.
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01
Ran by pc (administrator) on DESKTOP-SSB3C3R (empty empty) (07-06-2021 20:35:07)
Running from C:\Users\pc.DESKTOP-SSB3C3R\Downloads
Loaded Profiles: pc
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Türkçe (Türkiye)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] B:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe <2>
(Riot Games, Inc. -> ) B:\Riot Games\League of Legends\LeagueCrashHandler.exe
(Riot Games, Inc. -> Riot Games, Inc.) B:\Riot Games\League of Legends\LeagueClient.exe
(Riot Games, Inc. -> Riot Games, Inc.) B:\Riot Games\League of Legends\LeagueClientUx.exe
(Riot Games, Inc. -> Riot Games, Inc.) B:\Riot Games\League of Legends\LeagueClientUxRender.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) B:\Riot Games\Riot Client\RiotClientServices.exe
(Spotify AB -> Spotify Ltd) C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify\Spotify.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [Steam] => "B:\Steam\steam.exe" -silent
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [Discord] => C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [GoogleChromeAutoLaunch_B95DBF8F51F526A2277EEAC12754CD8D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [MicrosoftEdgeAutoLaunch_9A61B6E5303EB158C1519CE517410451] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [PreMiD] => C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\PreMiD\PreMiD.exe [126285312 2021-02-21] (GitHub, Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [Spotify] => C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify\Spotify.exe [23976064 2021-06-04] (Spotify AB -> Spotify Ltd) <==== ATTENTION
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-06-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2019-03-13]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14E4556E-983D-4489-B938-0E96474E8973} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20E4CCBF-8F18-415B-9EDE-294531359C8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-13] (Google Inc -> Google Inc.)
Task: {4EE66E10-5CF1-4742-8A6A-05CA1C57FC73} - System32\Tasks\Microsoft\Windows\PLA\GPU => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {50D8409E-3B2A-4C30-82D4-704B849478DA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {611BA789-D5EB-4480-A001-F1EA3E688BFE} - System32\Tasks\SmartGameBooster SkipUAC (pc) => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\SgbMain.exe
Task: {6C1E1E5C-67F5-41BA-AFC1-4984F2C73319} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {718A7D89-7AF0-4369-8C23-A973A1670B79} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73F6B16F-9012-4778-98A2-332BAF6396E4} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {954CFD21-4D8F-4E27-8B7B-E9F527650324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-13] (Google Inc -> Google Inc.)
Task: {9579BB9F-31EE-4034-91DD-8A891EAFDC25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {AC04D34F-8100-442E-8C11-598A08354834} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2207797-4D6B-4183-A6F0-35BE64B36073} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B41B3A2E-BA46-4580-A9A7-9AED624A4BA2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B91B9ACB-03AE-42AC-BC52-F7F4824A2932} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [622168 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {B988F599-67FB-412F-8B2C-2E54ED7C95DA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {BFD5DA4F-72F0-4C74-A128-BB17679F1E1B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C0521D1E-F682-415F-9421-118DB799DE1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA7AE204-CE22-493F-B25B-A01FFEF3BDAD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E221A119-382B-482C-9431-88EB39B23E4D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{835ffd6d-cca6-4b64-abf0-e9cd0211821d}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-05]
Edge HomePage: Default -> hxxp://www.joygame.com/games.aspx?g=2001
Edge StartupUrls: Default -> "hxxps://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x41F"
Edge Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdbkakmeogejmlpgioplhjkaablahbmj [2021-06-03]
Edge Extension: (MediaNewTab) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddncgmfehaelaoifpbcjnfcnigflcplp [2020-09-07]
Edge Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ffbkglfijbcbgblgflchnbphjdllaogb [2021-01-29]
Edge Extension: (Adblock Plus - ücretsiz reklam engelleyici) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-06-03]
Edge Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ighhnpmaabelnfcbbkijikgghajbiaml [2020-11-10]
Edge Extension: (TopTVTab) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pmjnffbcmcmaeknmbhjlmafboaelhank [2020-09-07]
Edge HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default [2021-06-07]
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovEY0olbB8-dy2L4xnGy8gt4sQBEUGc70HWh70H5UFGoAvB9giACTm-F903NffYfxAi_phJQ8MC_DdOyXQNw2jHdKxDUo4ws,
CHR Extension: (YouTube) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-02-15]
CHR Extension: (PreMiD) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2021-01-22] [UpdateUrl:hxxps://api.premid.app/firefox/updates] <==== ATTENTION
CHR Extension: (Kaspersky Protection) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-05]
CHR Extension: (Touch VPN - Ücretsiz VPN ve Proxy) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2020-10-13]
CHR Extension: (Adblock Plus - ücretsiz reklam engelleyici) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (MediaNewTab) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddncgmfehaelaoifpbcjnfcnigflcplp [2019-05-30]
CHR Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbkglfijbcbgblgflchnbphjdllaogb [2021-01-29]
CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2020-10-09]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Extension: (TopTVTab) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmjnffbcmcmaeknmbhjlmafboaelhank [2019-05-30]
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-07]
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-06-03]
CHR HomePage: Profile 1 -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlOcu-1jqKQlXDVV2fK-gI5TsorvtzK5f-A9_t6RrUmovEY0olbB8-dy2L4xnGy8gt4sQBEUGc70HWh70H5UFGoAvB9giACTm-F903NffYfxAi_phJQ8MC_DdOyXQNw2jHdKxDUo4ws,
CHR Extension: (Safe Torrent Scanner) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-06-01]
CHR Extension: (Iron Man-Material Design) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nekeenfmlfhgoaojceionblcpbbjmnpk [2020-10-19]
CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2020-10-19]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-08]
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-02-23]
CHR Extension: (Safe Torrent Scanner) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-21]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-21]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-21]
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-03-18]
CHR Extension: (Safe Torrent Scanner) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-21]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]
CHR Profile: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-07]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-07-02] (BattlEye Innovations e.K. -> )
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-01-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [357272 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 Origin Web Helper Service; B:\Origin\OriginWebHelperService.exe [3474240 2020-10-22] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-10-02] (Martin Malik - REALiX -> REALiX(tm))
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 NShield; C:\WINDOWS\system32\drivers\NShield.sys [3606064 2020-05-18] (SALTANAT OYUN BILISIM TEKNOLOJILERI YAY.SAN. VE TIC.LTD.STI. -> SALTANAT OYUN BILISIM TEKNOLOJILERI YAY.SAN. VE TIC.LTD.STI.)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-05-27] (Famatech Corp. -> Famatech Corp.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-09-30] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-02-24] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2021-03-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-09-29] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-07 20:35 - 2021-06-07 20:38 - 000028257 _____ C:\Users\pc.DESKTOP-SSB3C3R\Downloads\FRST.txt
2021-06-07 20:33 - 2021-06-07 20:37 - 000000000 ____D C:\FRST
2021-06-07 20:32 - 2021-06-07 20:32 - 002300416 _____ (Farbar) C:\Users\pc.DESKTOP-SSB3C3R\Downloads\FRST64.exe
2021-06-06 03:34 - 2021-06-06 03:34 - 000000000 ____D C:\WINDOWS\LastGood
2021-06-06 03:19 - 2021-05-28 02:01 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-06 03:14 - 2021-05-31 19:11 - 000626960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-06 03:14 - 2021-05-31 19:09 - 005678880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-06 03:13 - 2021-05-31 19:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-06 03:13 - 2021-05-31 19:15 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-06 03:13 - 2021-05-31 19:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-06 03:13 - 2021-05-31 19:15 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-06 03:13 - 2021-05-31 19:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 000715536 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-06 03:13 - 2021-05-31 19:11 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-06 03:13 - 2021-05-31 19:11 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 008317200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 002106160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-06 03:13 - 2021-05-31 19:10 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-06 03:13 - 2021-05-31 19:09 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-06 03:13 - 2021-05-31 19:09 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-06 03:13 - 2021-05-31 19:08 - 006159160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-06 03:13 - 2021-05-28 02:01 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-05 01:41 - 2021-06-05 01:41 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Kaspersky Lab
2021-06-05 01:07 - 2021-06-05 01:07 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-06-05 01:00 - 2021-06-05 01:00 - 000003192 _____ C:\WINDOWS\system32\Tasks\kpm_tray.exe
2021-06-05 01:00 - 2021-06-05 01:00 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2021-06-05 01:00 - 2021-06-05 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2021-06-05 00:58 - 2021-06-05 00:58 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-06-05 00:58 - 2021-06-05 00:58 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-05 00:57 - 2021-06-05 00:57 - 000263888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-06-05 00:57 - 2021-06-05 00:57 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-06-05 00:57 - 2021-06-05 00:57 - 000115744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-06-05 00:57 - 2021-06-05 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-06-05 00:57 - 2021-06-05 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-06-05 00:56 - 2021-06-05 00:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-06-05 00:56 - 2021-06-05 00:59 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-06-05 00:56 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-06-05 00:56 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-06-05 00:56 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-06-05 00:32 - 2021-06-05 00:32 - 002810752 _____ (Kaspersky) C:\Users\pc.DESKTOP-SSB3C3R\Downloads\ks4.021.3.10.391en_es_25350.exe
2021-06-05 00:23 - 2021-06-05 00:23 - 000000000 ___HD C:\$SysReset
2021-06-04 21:14 - 2021-06-04 21:14 - 002278383 _____ C:\Users\pc.DESKTOP-SSB3C3R\Downloads\ModSkin_11.11.1.zip
2021-06-04 01:03 - 2021-06-04 01:03 - 000000000 ___HD C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\com.unusualsoft.ball3d
2021-06-03 00:35 - 2021-06-03 00:36 - 069072384 _____ (Riot Games, Inc.) C:\Users\pc.DESKTOP-SSB3C3R\Downloads\Install VALORANT (1).exe
2021-06-02 15:39 - 2021-06-02 15:50 - 000001583 _____ C:\Users\Public\Desktop\League of Legends.lnk
2021-06-02 15:39 - 2021-06-02 15:50 - 000001583 _____ C:\ProgramData\Desktop\League of Legends.lnk
2021-05-31 20:49 - 2021-05-31 20:49 - 000359124 _____ C:\Users\pc.DESKTOP-SSB3C3R\Downloads\VID-20210530-WA0003.mp4
2021-05-26 23:41 - 2021-05-26 23:41 - 000225382 _____ C:\Users\pc.DESKTOP-SSB3C3R\Downloads\186198087_132384722277722_5124019673388307673_n.mp4
2021-05-21 22:56 - 2021-05-24 18:15 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\LogMeIn Hamachi
2021-05-21 22:55 - 2021-05-21 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2021-05-21 22:55 - 2021-05-21 22:55 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2021-05-14 01:05 - 2021-05-14 01:05 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\LocalLow\TuneTheDev
2021-05-12 19:58 - 2021-05-12 19:58 - 000000000 ____D C:\WINDOWS\Panther
2021-05-12 08:16 - 2021-05-12 08:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 08:16 - 2021-05-12 08:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 08:16 - 2021-05-12 08:16 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 08:16 - 2021-05-12 08:16 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 08:16 - 2021-05-12 08:16 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 08:16 - 2021-05-12 08:16 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-12 08:16 - 2021-05-12 08:16 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-12 08:16 - 2021-05-12 08:16 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 08:15 - 2021-05-12 08:15 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 08:15 - 2021-05-12 08:15 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 08:15 - 2021-05-12 08:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 08:15 - 2021-05-12 08:15 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 08:15 - 2021-05-12 08:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 08:15 - 2021-05-12 08:15 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-10 01:31 - 2021-05-10 01:31 - 003647658 _____ C:\Users\pc.DESKTOP-SSB3C3R\Downloads\buoyungirmicemicin.mp4
2021-05-10 01:12 - 2021-05-10 01:14 - 000000000 ____D C:\AdwCleaner
2021-05-10 00:51 - 2021-06-07 18:10 - 000000000 ____D C:\Program Files\CCleaner
2021-05-10 00:51 - 2021-05-25 18:10 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-10 00:51 - 2021-05-10 00:51 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-10 00:51 - 2021-05-10 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-07 20:42 - 2021-02-24 15:30 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\Desktop\legendonline
2021-06-07 20:38 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-07 20:26 - 2019-05-31 22:43 - 000000000 ____D C:\ProgramData\Riot Games
2021-06-07 20:24 - 2020-09-24 21:13 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Spotify
2021-06-07 20:09 - 2020-09-24 21:11 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify
2021-06-07 19:33 - 2020-11-02 23:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-07 18:11 - 2021-01-01 23:47 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A3631751-5718-4A6F-AB84-D7A2ACA3DC5C}
2021-06-07 12:25 - 2019-03-13 12:40 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-07 05:43 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-07 05:43 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-07 03:20 - 2019-08-01 09:57 - 000000000 ____D C:\Fraps
2021-06-07 03:13 - 2019-05-30 16:43 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Discord
2021-06-07 02:17 - 2021-05-05 13:27 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Discord
2021-06-07 02:15 - 2019-12-07 12:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-07 02:15 - 2019-03-13 12:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-06-07 01:52 - 2019-05-30 16:50 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-06-06 12:10 - 2019-06-05 17:07 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\BrawlhallaReplays
2021-06-06 10:14 - 2021-04-17 02:43 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\lunarclient
2021-06-06 03:51 - 2019-05-31 14:05 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\NVIDIA
2021-06-06 03:34 - 2019-03-13 12:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-06-06 03:01 - 2019-05-31 20:50 - 000000000 ____D C:\ProgramData\Packages
2021-06-06 03:01 - 2019-05-30 16:40 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\PlaceholderTileLogoFolder
2021-06-06 03:01 - 2019-05-28 14:12 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Packages
2021-06-06 03:00 - 2019-03-13 18:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-06 02:59 - 2019-05-28 14:12 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\ConnectedDevicesPlatform
2021-06-05 20:35 - 2020-11-02 23:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-05 20:35 - 2020-11-02 23:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-05 20:12 - 2019-12-07 12:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-05 15:36 - 2020-09-07 00:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 00:57 - 2019-12-07 12:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-05 00:56 - 2019-12-07 12:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-05 00:46 - 2020-11-02 23:11 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R
2021-06-03 00:36 - 2019-10-10 14:10 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Riot Games
2021-06-02 15:39 - 2019-12-22 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-06-02 15:37 - 2020-06-05 02:47 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-06-02 02:06 - 2019-03-13 12:41 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-31 19:08 - 2020-10-05 00:00 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-31 18:56 - 2021-04-29 17:23 - 000002380 _____ C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-31 18:56 - 2020-11-02 23:34 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2083803427-3784009630-4091105537-1001
2021-05-31 18:56 - 2019-05-28 14:17 - 000000000 ___RD C:\Users\pc.DESKTOP-SSB3C3R\OneDrive
2021-05-28 02:01 - 2020-10-05 00:00 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-05-27 17:36 - 2019-05-30 17:31 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\D3DSCache
2021-05-25 19:42 - 2021-05-05 13:28 - 000002296 _____ C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Discord.lnk
2021-05-24 14:54 - 2020-11-02 23:22 - 001679838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-24 14:54 - 2019-12-07 17:43 - 000704162 _____ C:\WINDOWS\system32\perfh01F.dat
2021-05-24 14:54 - 2019-12-07 17:43 - 000144348 _____ C:\WINDOWS\system32\perfc01F.dat
2021-05-17 13:10 - 2021-04-17 02:43 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\.lunarclient
2021-05-14 20:10 - 2019-03-13 18:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 06:21 - 2019-07-23 08:48 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\CrashDumps
2021-05-12 20:05 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-12 19:59 - 2020-11-02 23:04 - 000257984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 19:54 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-12 19:54 - 2019-12-07 17:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 19:54 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 08:23 - 2019-12-07 12:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 08:22 - 2019-12-07 17:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-12 07:47 - 2019-05-30 17:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 07:42 - 2019-05-30 17:36 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 01:08 - 2021-01-21 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-05-10 01:08 - 2021-01-02 02:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder
2021-05-10 01:08 - 2021-01-01 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GS Auto Clicker
2021-05-10 01:08 - 2020-10-03 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2021-05-10 01:08 - 2020-09-25 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2021-05-10 01:08 - 2019-10-05 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Oyna
2021-05-10 01:08 - 2019-06-07 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2021-05-10 01:04 - 2020-05-05 19:14 - 000000000 ____D C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Roblox
2021-05-10 01:00 - 2019-10-30 16:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-10 00:53 - 2019-06-12 09:07 - 000000000 ____D C:\Temp
2021-05-08 18:05 - 2021-02-19 21:09 - 001439456 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2021-05-08 18:05 - 2021-02-19 21:09 - 000657696 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys

==================== Files in the root of some directories ========

2019-10-28 10:41 - 2019-10-28 10:41 - 000000278 _____ () C:\ProgramData\fontcacheev1.dat
2019-12-04 05:18 - 2021-01-01 14:01 - 037931184 _____ () C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\gameboxsetup.exe
2020-06-22 02:43 - 2020-06-22 02:43 - 000000098 _____ () C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\LauncherSettings_live.cfg
2020-06-22 02:34 - 2020-06-22 02:34 - 000002513 _____ () C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\TheHunterSettings_live.bin
2020-06-22 02:37 - 2020-06-22 02:37 - 000000049 _____ () C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-11-01 00:39 - 2020-11-01 00:39 - 000000017 _____ () C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\resmon.resmoncfg

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\lastpass_1337.exe [2019-08-06] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         
Code:
ATTFilter
 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Ran by pc (07-06-2021 20:43:00)
Running from C:\Users\pc.DESKTOP-SSB3C3R\Downloads
Windows 10 Pro Version 20H2 19042.985 (X64) (2020-11-02 20:35:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2083803427-3784009630-4091105537-500 - Administrator - Disabled)
defaultuser0 (S-1-5-21-2083803427-3784009630-4091105537-1000 - Limited - Disabled)
Guest (S-1-5-21-2083803427-3784009630-4091105537-501 - Limited - Disabled)
pc (S-1-5-21-2083803427-3784009630-4091105537-1001 - Administrator - Enabled) => C:\Users\pc.DESKTOP-SSB3C3R
VarsayılanHesap (S-1-5-21-2083803427-3784009630-4091105537-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2083803427-3784009630-4091105537-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Discord (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29910 (HKLM-x32\...\{c65252bf-6d9a-40b9-baf9-27e4e23dfa2f}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.23.110 (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.23.110 - NVIDIA Corporation)
NVIDIA Grafik Sürücüsü 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation)
NVIDIA HD Ses Sürücüsü 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
NVIDIA PhysX Sistem Yazılımı 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
paint.net (HKLM\...\{6FED3D93-C0FA-4BD7-A36F-7FC53698244F}) (Version: 4.2.15 - dotPDN LLC)
PreMiD (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\PreMiD latest) (Version: 2.2.0 - Timeraa)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Spotify (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Spotify) (Version: 1.1.60.672.g6ad9c215 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamer Life Simulator (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\Streamer Life Simulator) (Version:  - HOODLUM)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\WhatsApp) (Version: 2.2027.10 - WhatsApp)
WinRAR 5.91 (32 bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.59.1.0_x86__kgqvnymyfvs32 [2021-06-03] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2030.2.0_x86__kgqvnymyfvs32 [2021-05-27] (king.com)
Fotoğraflar Medya Altyapısı Eklentisi -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-07] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-06] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-08-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-08-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-05] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-08-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-08-28] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-26 21:33 - 2021-06-04 07:52 - 004329600 _____ (Mercer Road Corp -> Mercer Road Corp) [File not signed] B:\Riot Games\Riot Client\vivoxsdk_v4.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [1455]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.joygame.com/games.aspx?g=2001
SearchScopes: HKU\S-1-5-21-2083803427-3784009630-4091105537-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
SearchScopes: HKU\S-1-5-21-2083803427-3784009630-4091105537-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 02:38 - 2021-04-04 19:34 - 000000086 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 masyaf.net
0.0.0.0 www.masyaf.net
0.0.0.0 masyaf.org
0.0.0.0 www.masyaf.org

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pc.DESKTOP-SSB3C3R\Desktop\1018181.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: BEService => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: QMEmulatorService => 2
MSCONFIG\Services: RvControlSvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: uncheater_bgl => 3
MSCONFIG\Services: vgc => 3
HKLM\...\StartupApproved\StartupFolder: => "Mediatek Wireless Utility.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B95DBF8F51F526A2277EEAC12754CD8D"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9A61B6E5303EB158C1519CE517410451"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "PreMiD"
HKU\S-1-5-21-2083803427-3784009630-4091105537-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AA7A177F-DC18-407C-BD52-172C802AAF40}] => (Allow) B:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A2F4E13D-54D6-4C53-9089-263CE346537A}] => (Allow) B:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6877BABA-A470-490E-AE94-A2433F15B09E}] => (Allow) B:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0F6AB391-D162-4B7A-8695-824790432BB6}] => (Allow) B:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D2669BE2-4CBA-4860-9D5E-1CBF00B16541}] => (Allow) B:\APB\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{495C38D0-DD42-47D6-B55F-1ED4003663DA}] => (Allow) B:\APB\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{F449541A-3162-4294-B1C5-A7B51CE812A1}] => (Allow) B:\APB\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{052989D8-3BDD-4819-90D9-8B2ED82DB5AB}] => (Allow) B:\APB\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{4500F4AF-8220-42BB-BFD0-DBB721AAC95E}] => (Allow) B:\APB\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{62D235AD-A1E0-470A-89EA-2CD080B6348C}] => (Allow) B:\APB\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{4B1C3EC8-FE53-4A75-A6F3-773695BFAB92}] => (Allow) B:\APB\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{46B0BA3E-D554-46D8-9C5F-A8F0CF315E1F}] => (Allow) B:\APB\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{20943B31-9092-4D69-BEAB-893F3783FF81}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B690C6C2-5BD2-4433-BD85-4D736EB9FD76}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7F2A157-CD4A-4A6E-A8F3-743C3FCC104D}] => (Allow) B:\APB\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{4541484A-2F67-4B91-A5E3-900AB89F6FD8}] => (Allow) B:\APB\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{1CE9B569-7055-4D68-BD4E-2578FB212247}] => (Allow) B:\APB\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{A8564911-AEE9-4DAA-85DA-511D65BF7928}] => (Allow) B:\APB\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{8CDCA4F8-8732-4DF2-8975-5BAAA16A4EB4}] => (Allow) B:\APB\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{337B3993-69C8-4CC4-9D37-91B898CEEF2C}] => (Allow) B:\APB\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{FEA9BCFE-3067-499E-BD94-9D0F19845AE5}] => (Allow) B:\APB\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [{62658D4C-8D40-4279-A4E4-7D1F23ED31BE}] => (Allow) B:\APB\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [UDP Query User{9931A72A-6A3F-46EC-8F49-CE8C599C8CCA}B:\apb\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) B:\apb\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{73437F3E-95A6-452E-AD81-BEA1060588B8}B:\apb\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) B:\apb\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{56626C03-127A-499F-9771-2593E2B41649}] => (Allow) B:\APB\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{BCF492EA-6337-4BBF-BE12-5F1225F675B6}] => (Allow) B:\APB\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1E0768C6-F264-435A-A6E7-C44284B85822}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EC7BBBFF-4145-4B1C-842B-51600CAFD86A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B7AB375D-31E2-42C8-8E76-091AFC7932D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{141C4D0C-C338-4ED4-8045-6CCC2EF24CB7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3E097490-7DD7-41C7-9B4D-21BE20DE7E32}C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{2D2E38DF-1606-41BC-9C7C-FBAEABDA012F}C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B49AF519-4790-4328-BE9C-732BF353F082}C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{55E0AE7F-0C3B-4097-88CE-5C7E43771F35}C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DA1DE23-DC6D-4EB5-B9A5-D8D0DA119452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{49B0FB11-D112-4E95-BC3F-DAF6CE99B304}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4D087C7-3CB4-41B4-ABA9-49B31C29A707}] => (Allow) B:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{2354487C-34EA-47D2-89AD-B08DE2926D76}] => (Allow) B:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{0EC6EBBE-6BEF-4915-8BEC-69468A5AC2FF}] => (Allow) B:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{6122C222-7CF7-4651-BD2C-666598EC16DA}] => (Allow) B:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{FF39D7B5-B9EC-4874-9BD7-8127877250F1}B:\riot games\league of legends\game\league of legends.exe] => (Allow) B:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E2CEFCDE-2449-4F93-9636-6BC1CD45DAA6}B:\riot games\league of legends\game\league of legends.exe] => (Allow) B:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8B04D666-4F39-40A7-80C4-467CEF6CDADA}] => (Block) B:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{08B097B8-1E61-4788-BA8E-65FCCDF2DC32}] => (Block) B:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{AC70C4FF-F9EB-477A-96C4-D141C0516D87}B:\yeni klasör\bin\javaw.exe] => (Allow) B:\yeni klasör\bin\javaw.exe
FirewallRules: [UDP Query User{05F4E920-DA01-4145-940C-E300CB77A776}B:\yeni klasör\bin\javaw.exe] => (Allow) B:\yeni klasör\bin\javaw.exe
FirewallRules: [{B8E19DF2-B420-48ED-A550-00C8738BDEAE}] => (Block) B:\yeni klasör\bin\javaw.exe
FirewallRules: [{FA465466-3F31-4636-B21B-32334C3FCD2D}] => (Block) B:\yeni klasör\bin\javaw.exe
FirewallRules: [{E805C747-D8D3-4F47-AE08-FAE27E02CE20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{436079CB-DD0A-49CF-8607-FDB839C20146}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A2A40BB1-7F4A-4FC1-B62D-5FE27905471C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{15FD4DE8-E2AF-42E7-87E2-D814BBE982C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{22225E42-4391-4401-8F54-391E51DC533E}C:\users\pc.desktop-ssb3c3r\appdata\roaming\premid\premid.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\premid\premid.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{0084D709-40B8-45E9-BD4A-F2CC4905B2CF}C:\users\pc.desktop-ssb3c3r\appdata\roaming\premid\premid.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\appdata\roaming\premid\premid.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{C0B28B10-C037-4296-BC96-0DED6DE6D1CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B98E7E38-AEBA-4097-ABEB-98BDDF9D95DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC24A7ED-0255-49FC-AF1D-C0577882692F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B816C65-E562-4F61-9F4A-9CBEF7A88E6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3001C85-5BA4-44E9-B5F2-BDC57B40117E}] => (Allow) B:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{0D65218C-E01B-4757-BFB4-F1B91A859440}] => (Allow) B:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5ECB329E-05D8-4F70-850C-D31B6A356CB8}] => (Allow) B:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{384BADFB-7AC9-4BED-A248-076661B5ACCB}] => (Allow) B:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{6259A95B-5F56-4D52-9D1C-82EA774B40FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CD972A3D-91E3-4122-8026-991A473A04E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4610548-4621-4561-BE10-56315B920BAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B0805F7-2C76-4D0C-8DB3-AAFACC5B1101}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7756C34B-5A09-402F-9026-D24E2B17BD96}C:\users\pc.desktop-ssb3c3r\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{9203BDA6-49C1-4F22-BC01-77323E14FB63}C:\users\pc.desktop-ssb3c3r\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe] => (Allow) C:\users\pc.desktop-ssb3c3r\.lunarclient\jre\zulu8.52.0.23-ca-fx-jre8.0.282-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{D1A2813D-9C6E-481F-945D-17A59D0184D7}B:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) B:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8A61D8CB-DFC7-42E0-82E3-F06949C8F8EC}B:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) B:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{294E1B50-3113-49CE-9B74-FD6654E8AFD3}] => (Allow) B:\Steam\steamapps\common\Golf Galore\Golf Galore.exe () [File not signed]
FirewallRules: [{32BB35D3-73FE-4B91-84D9-374DA89BEAC6}] => (Allow) B:\Steam\steamapps\common\Golf Galore\Golf Galore.exe () [File not signed]
FirewallRules: [{C3BC9202-BFD8-4761-A954-069F27F771C4}] => (Allow) B:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{16307A26-7503-4540-8B8D-396569643B98}] => (Allow) B:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{5944B34C-CED5-40A4-83D0-1F6605F6E57F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9FCD8826-2383-4F96-843B-9F4D4A57BCFA}] => (Allow) B:\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]
FirewallRules: [{ABEFDAA1-C87C-4676-9432-CCBB2E1A4F46}] => (Allow) B:\Steam\steamapps\common\Ball 3D\Ball 3D.exe () [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.75 GB) (Free:50.18 GB) (45%)

==================== Faulty Device Manager Devices ============

Name: Microsoft PS/2 Fare
Description: Microsoft PS/2 Fare
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standart PS/2 Klavye
Description: Standart PS/2 Klavye
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standart klavyeler)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/07/2021 08:38:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Lisans Etkinleştirme (slui.exe) şu hata koduyla başarısız oldu:
hr=0x803F7001
Komut satırı bağımsız değişkenleri:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

Error: (06/06/2021 08:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Lisans Etkinleştirme (slui.exe) şu hata koduyla başarısız oldu:
hr=0x803F7001
Komut satırı bağımsız değişkenleri:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

Error: (06/06/2021 03:35:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: nvcontainer.exe, sürüm: 1.27.2835.6155, zaman damgası: 0x5eb2f12d
Hatalı modül adı: nvcontainer.exe, sürüm: 1.27.2835.6155, zaman damgası: 0x5eb2f12d
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x000000000005d405
Hatalı işlem kimliği: 0xd7c
Uygulama başlangıç zamanı: 0x01d75a314dd661f2
Hatalı uygulama yolu: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Hatalı modül yolu: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Rapor kimliği: d5349222-15b4-4130-a1de-e8260909345e
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (06/06/2021 03:21:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: NVDisplay.Container.exe, sürüm: 1.28.2851.9944, zaman damgası: 0x5edfa063
Hatalı modül adı: NVDisplay.Container.exe, sürüm: 1.28.2851.9944, zaman damgası: 0x5edfa063
Özel durum kodu: 0xc0000409
Hata uzaklığı 0x000000000005d975
Hatalı işlem kimliği: 0x1320
Uygulama başlangıç zamanı: 0x01d75a685dcf3b9b
Hatalı uygulama yolu: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Hatalı modül yolu: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Rapor kimliği: 7a4f50f3-851e-47cf-af3e-f1a1020d7e04
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (06/06/2021 01:02:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: mousocoreworker.exe, sürüm: 10.0.19041.964, zaman damgası: 0x1c7141a7
Hatalı modül adı: mousocoreworker.exe, sürüm: 10.0.19041.964, zaman damgası: 0x1c7141a7
Özel durum kodu: 0xc0000005
Hata uzaklığı 0x00000000000252cd
Hatalı işlem kimliği: 0x280c
Uygulama başlangıç zamanı: 0x01d75a56644c1869
Hatalı uygulama yolu: C:\Windows\System32\mousocoreworker.exe
Hatalı modül yolu: C:\Windows\System32\mousocoreworker.exe
Rapor kimliği: 826cff98-a00d-4251-99d2-a02e64494615
Hatalı paket tam adı: 
Hatalı paketle ilgili uygulama kimliği:

Error: (06/05/2021 08:39:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Lisans Etkinleştirme (slui.exe) şu hata koduyla başarısız oldu:
hr=0x803F7001
Komut satırı bağımsız değişkenleri:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/05/2021 08:38:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Lisans Etkinleştirme (slui.exe) şu hata koduyla başarısız oldu:
hr=0x8007139F
Komut satırı bağımsız değişkenleri:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/05/2021 08:11:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Birim Gölge Kopyası Hizmeti hatası: CoCreateInstance yordamı çağrılırken beklenmeyen hata.  hr = 0x8007045b, Sistem kapatma işlemi sürüyor.
.


System errors:
=============
Error: (06/06/2021 03:45:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Kaspersky VPN Secure Connection Service 5.3 hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  10000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.

Error: (06/06/2021 03:36:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: NVIDIA LocalSystem Container hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  6000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.

Error: (06/05/2021 08:38:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Windows.Internal.StateRepository.ApplicationExtension sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (06/05/2021 01:39:07 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Windows.Internal.StateRepository.ApplicationExtension sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (06/05/2021 01:35:05 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: DCOM Sunucusu başlatılamadı: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. Hata:
"2147942405"
Bu komut başlatılırken oluştu:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

Error: (06/05/2021 01:35:05 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: DCOM Sunucusu başlatılamadı: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. Hata:
"2147942405"
Bu komut başlatılırken oluştu:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

Error: (06/05/2021 01:31:32 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: DCOM Sunucusu başlatılamadı: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. Hata:
"2147942405"
Bu komut başlatılırken oluştu:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding

Error: (06/05/2021 01:31:32 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: DCOM Sunucusu başlatılamadı: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. Hata:
"2147942405"
Bu komut başlatılırken oluştu:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding


Windows Defender:
================
Date: 2021-06-03 22:08:36
Description: 
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {F783695A-C3F2-44A1-9D54-89D953DE0B7F}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-06-02 20:25:56
Description: 
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {9C7ABA75-48D5-483B-A346-46202EF4D7A0}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-06-01 22:41:21
Description: 
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {C6D5C592-2C3A-484B-8E1E-EBD1E214B7EE}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-05-31 20:39:16
Description: 
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {E81B47B2-9419-41E1-A1E9-53DA66DC4B77}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-05-30 23:00:09
Description: 
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {C38A0F5F-95C3-40F9-BB13-D93DDEE0DDB9}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-06-04 05:30:05
Description: 
Microsoft Defender Virüsten Koruma güvenlik bilgilerini güncelleştirmeye çalışırken bir hatayla karşılaştı.
Yeni güvenlik bilgileri Sürümü: 
Önceki güvenlik bilgileri Sürümü: 1.339.1969.0
Güncelleştirme Kaynağı: Microsoft Update Sunucusu
Güvenlik bilgileri Türü: Virüsten Koruma
Güncelleştirme Türü: Tam
Kullanıcı: NT AUTHORITY\SYSTEM
Geçerli Altyapı Sürümü: 
Önceki Altyapı Sürümü: 1.1.18100.6
Hata Kodu: 0x80070643
Hata açıklaması: Yükleme sırasında önemli hata. 

Date: 2021-06-04 05:29:55
Description: 
Microsoft Defender Virüsten Koruma güvenlik bilgilerini güncelleştirmeye çalışırken bir hatayla karşılaştı.
Yeni güvenlik bilgileri Sürümü: 1.341.8.0
Önceki güvenlik bilgileri Sürümü: 1.339.1969.0
Güncelleştirme Kaynağı: Kullanıcı
Güvenlik bilgileri Türü: Casus Yazılım Önleme
Güncelleştirme Türü: Farklar
Kullanıcı: NT AUTHORITY\SYSTEM
Geçerli Altyapı Sürümü: 1.1.18200.4
Önceki Altyapı Sürümü: 1.1.18100.6
Hata Kodu: 0x80070666
Hata açıklaması: Bu ürünün başka bir sürümü zaten yüklü. Bu sürümün yüklenmesine devam edilemiyor. Bu ürünün varolan sürümünü yapılandırmak veya kaldırmak için Denetim Masası'nda Program Ekle/Kaldır'ı kullanın. 

Date: 2021-06-04 05:29:55
Description: 
Microsoft Defender Virüsten Koruma güvenlik bilgilerini güncelleştirmeye çalışırken bir hatayla karşılaştı.
Yeni güvenlik bilgileri Sürümü: 1.341.8.0
Önceki güvenlik bilgileri Sürümü: 1.339.1969.0
Güncelleştirme Kaynağı: Kullanıcı
Güvenlik bilgileri Türü: Virüsten Koruma
Güncelleştirme Türü: Farklar
Kullanıcı: NT AUTHORITY\SYSTEM
Geçerli Altyapı Sürümü: 1.1.18200.4
Önceki Altyapı Sürümü: 1.1.18100.6
Hata Kodu: 0x80070666
Hata açıklaması: Bu ürünün başka bir sürümü zaten yüklü. Bu sürümün yüklenmesine devam edilemiyor. Bu ürünün varolan sürümünü yapılandırmak veya kaldırmak için Denetim Masası'nda Program Ekle/Kaldır'ı kullanın. 

Date: 2021-06-04 05:29:55
Description: 
Microsoft Defender Virüsten Koruma altyapıyı güncelleştirmeye çalışırken bir hatayla karşılaştı.
Yeni Altyapı Sürümü: 1.1.18200.4
Önceki Altyapı Sürümü: 1.1.18100.6
Kullanıcı: NT AUTHORITY\SYSTEM
Hata Kodu: 0x80070666
Hata açıklaması: Bu ürünün başka bir sürümü zaten yüklü. Bu sürümün yüklenmesine devam edilemiyor. Bu ürünün varolan sürümünü yapılandırmak veya kaldırmak için Denetim Masası'nda Program Ekle/Kaldır'ı kullanın. 

CodeIntegrity:
===============
Date: 2021-06-07 08:36:25
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-06-07 05:43:02
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 4.6.5 09/07/2016
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 83%
Total physical RAM: 8160.53 MB
Available physical RAM: 1386.84 MB
Total Virtual: 16988.14 MB
Available Virtual: 7326.14 MB

==================== Drives ================================

Drive b: (Yeni Birim) (Fixed) (Total:353.97 GB) (Free:172.29 GB) NTFS
Drive c: () (Fixed) (Total:110.75 GB) (Free:51.19 GB) NTFS

\\?\Volume{be810436-0000-0000-0000-100000000000}\ (Sistem Ayrıldı) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{be810436-0000-0000-0000-70d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BE810436)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)
Partition 4: (Not Active) - (Size=354 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
         

Alt 07.06.2021, 19:24   #2
amorte
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.



Code:
ATTFilter
 Users shortcut scan result (x64) Version: 06-06-2021 01
Ran by pc (07-06-2021 20:58:34)
Running from C:\Users\pc.DESKTOP-SSB3C3R\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Konsol RAR kılavuzu.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR yardımı.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> B:\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk -> C:\Program Files\Recuva\recuva64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk -> C:\Program Files\Recuva\uninst.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediatek Wireless\Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\End User License Agreement.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\Doc\KSDE\en-US-xnotgdpr\consumer_traditional_licensing_eula.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\Kaspersky VPN.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (AO Kaspersky Lab)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud\Kaspersky Security Cloud.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe (AO Kaspersky Lab)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud\Visit Kaspersky on the Web.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Go to My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpc.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Kaspersky Password Manager Help.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\help.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Kaspersky Password Manager.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe (AO Kaspersky Lab)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\defaultuser0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (No File)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\Links\Desktop.lnk -> C:\Users\pc\Desktop ()
Shortcut: C:\Users\pc\Links\Downloads.lnk -> C:\Users\pc\Downloads ()
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth Dosya Aktarımı.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\OneDrive\Kişisel Kasa.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileSync.Resources.dll (No File)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Links\Desktop.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\Desktop ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Links\Downloads.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\Downloads ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\readme.rtf (No File)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Spotify.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\Microsoft Edge.lnk -> Tile and icon assets
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\NVIDIA GeForce NOW.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe (NVIDIA Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\Spotify.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe (NVIDIA Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Konsol RAR kılavuzu.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR yardımı.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\WhatsApp\WhatsApp.exe (WhatsApp)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PreMiD\PreMiD.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\PreMiD\PreMiD.exe (GitHub, Inc.)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PreMiD\Uninstall PreMiD.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\PreMiD\uninstall.exe (Timeraa)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth Dosya Aktarımı.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\cb5c0a23f64e3735\League of Legends.lnk -> B:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc.)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (Mediatek Inc.) -> -s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> B:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediatek Wireless\Uninstall - RT2870.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe (Mediatek) -> -runfromtemp -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\Remove Kaspersky VPN.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud\Remove Kaspersky Security Cloud.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Uninstall Kaspersky Password Manager.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Faks alıcısı.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\pc\AppData\Roaming\Microsoft\Windows\SendTo\Faks alıcısı.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\pc\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\pc\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Discord.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\Discord.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\League of Legends PBE.lnk -> B:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=pbe
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Yeni klasör (2)\Yeni klasör\League of Legends.lnk -> B:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Uygulamaları\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\SendTo\Faks alıcısı.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) -> --sendto
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ac866364817f10c\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Public\Desktop\League of Legends.lnk -> B:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc.) -> --launch-product=league_of_legends --launch-patchline=live


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url -> URL: gfclient://
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva Homepage.url -> URL: hxxp://www.ccleaner.com/recuva
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder\Macro Recorder Online Support.url -> URL: hxxp://www.jitbit.com/docs/macrorecorder/index.htm
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxps://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxps://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\pc\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\Desktop\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Ball 3D Racing Soccer & Sports Games.url -> URL: steam://rungameid/485610
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Ball 3D.url -> URL: steam://rungameid/485610
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Brawlhalla.url -> URL: steam://rungameid/291550
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Golf Galore.url -> URL: steam://rungameid/868080
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Left 4 Dead 2.url -> URL: steam://rungameid/550
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\My Stunt Life.url -> URL: steam://rungameid/1045650
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Portal 2.url -> URL: steam://rungameid/620
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Realm Royale.url -> URL: steam://rungameid/813820
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Valheim.url -> URL: steam://rungameid/892970
InternetURL: C:\Users\pc.DESKTOP-SSB3C3R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Cs 1.6 Sunucular.url -> URL: hxxp://www.oyunyoneticisi.com/sunucu.php

==================== End of Shortcut.txt =============================
         
__________________


Alt 07.06.2021, 19:42   #3
M-K-D-B
/// TB-Ausbilder
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.







Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.




Zitat:
Zitat von amorte Beitrag anzeigen
Ich habe mein PC formatiert und möchte sichergehen, dass sich keine Viren mehr darauf befinden.
Wenn du den PC formatiert und anschließend eine saubere Neuinstallation durchgeführt hast, kann keine Malware mehr drauf sein. Daher ist eine Analyse in diesem Fall sinnfrei.

Alles Gute!
__________________

Alt 07.06.2021, 19:52   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.



Ebenso sinnfrei ist das hier:

Zitat:
Kaspersky Security Cloud
CCleaner
Es sei denn man steht auf Leistungsverluste und Probleme mit solchen Kaputtmachern.

Zitat:
Windows 10 Pro Version 20H2
WinRAR 5.91 (32 bit)
Und das ist auch etwas fragwürdig. Wenn man schon alle abreißt und neu macht, dann installiert man gleich die aktuellen Versionen; 21H1 statt 20H2 und das alte WinRAR 5.91 sondern das aktuelle in 64-Bit-Version.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.06.2021, 19:50   #5
M-K-D-B
/// TB-Ausbilder
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.



Schritt 1
  • Speichere deine Arbeiten und schließe alle offenen Programme, damit keine Daten verloren gehen.
  • Kopiere den gesamten Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    DeleteQuarantine:
    Unlock: C:\FRST
    Reboot:
    End::
             
  • Starte nun FRST und klicke direkt den Reparieren Button.
    Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich FRST befindet.
  • Gegebenenfalls muss dein Rechner neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Auf deinem Computer fehlt das aktuelle Funktionsupdate Version 21H1.
Zitat:
Platform: Windows 10 Pro Version 20H2
  • Folge dem Pfad Start > Einstellungen > Update und Sicherheit > Windows Update und klicke auf Nach Updates suchen.
  • Wähle das Funktionsupdates aus, downloade und installiere es.
  • Alternativ kannst du auch mit dem Update Assistenten deine Windows-Version auf den neuesten Stand bringen.
    Klicke dazu auf Jetzt aktualisieren, lade dir den Update-Assistenten herunter und führe ihn aus.








Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.


Abschließend bitte noch einen Cleanup mit unserem TBCleanUpTool durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:




Wenn Du möchtest, kannst Du hier sagen, ob du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.


Hinweis:
Bitte gib mir eine kurze Rückmeldung, sobald du die oben verlinkten Informationen gelesen hast, alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.


Alt 08.06.2021, 19:52   #6
M-K-D-B
/// TB-Ausbilder
 
WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Standard

WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.



Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen.

Thema geschlossen

Themen zu WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.
adware, avp, browser, cpu, defender, error, firefox, google, homepage, internet, internet explorer, kaspersky, mozilla, nvcontainer, nvcontainer.exe, proxy, registry, rundll, scan, security, software, svchost.exe, system, texturepack, udp, viren, virus, webadvisor, windows




Ähnliche Themen: WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack.


  1. HEUR:Trojan.Script.Generic (durch Kaspersky gefunden) | Windows 8.1 | Firefox
    Log-Analyse und Auswertung - 11.01.2018 (7)
  2. Windows 10 und die durch einem Virus verlorenen Adminrechte
    Plagegeister aller Art und deren Bekämpfung - 08.03.2017 (24)
  3. Kaspersky hat not-a-virus:Downloader.Win32.DownloadSponsor.pe im Temp gefunden
    Plagegeister aller Art und deren Bekämpfung - 06.03.2017 (2)
  4. Windows 10 und die durch einem Virus verlorenen Adminrechte
    Alles rund um Windows - 25.02.2017 (2)
  5. Kaspersky meldet legales Programm, das von einem Angreifer benutzt werden kann
    Log-Analyse und Auswertung - 29.09.2016 (5)
  6. TR/Crypt.XPACK.Gen gefunden in C:\ProgramData\Kaspersky Lab, Windows 10, über Avira gefunden
    Log-Analyse und Auswertung - 03.04.2016 (13)
  7. Kaspersky meldet: Legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen
    Plagegeister aller Art und deren Bekämpfung - 06.07.2015 (16)
  8. Not-a-Virus: Adware.win32.cydoor von Kaspersky auf externer Festplatte gefunden
    Plagegeister aller Art und deren Bekämpfung - 22.01.2014 (3)
  9. cmd.exe bei Windows XP nach Entfernung von GVU Virus mit Kaspersky
    Plagegeister aller Art und deren Bekämpfung - 26.09.2013 (21)
  10. Bka Virus auf einem Windows XP PC
    Plagegeister aller Art und deren Bekämpfung - 07.08.2013 (5)
  11. Trojan-Downloader.Win32.MultiDL.c über Kaspersky gefunden, Objekt: C:\\Windows\System32\Macromed\Flash\FlashPlayerUpdateService,
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (11)
  12. Wahrscheinlich Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 23.12.2011 (16)
  13. Antivir meldet einen Wurm den ich wahrscheinlich von einem Facebook Link habe!!!
    Plagegeister aller Art und deren Bekämpfung - 17.08.2011 (1)
  14. Verdacht auf Virus/Malware nach Upgrade auf Windows 7 Kaspersky Untersuchung bleibt hängen!
    Plagegeister aller Art und deren Bekämpfung - 05.04.2011 (3)
  15. PC wahrscheinlich von Virus befallen
    Log-Analyse und Auswertung - 11.01.2010 (3)
  16. Virus vorhanden - wahrscheinlich?
    Plagegeister aller Art und deren Bekämpfung - 14.11.2009 (0)
  17. wahrscheinlich virus an board
    Plagegeister aller Art und deren Bekämpfung - 01.10.2007 (12)

Zum Thema WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. - Hallo, seit einiger Zeit lief mein PC langsamer als gewöhnlich. Deshalb habe ich gestern mein PC mit Kaspersky untersuchen lassen. Es wurde ein Virus gefunden, wahrscheinlich von einem Texturepack für - WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack....
Archiv
Du betrachtest: WIndows 10: Kaspersky hat ein Virus gefunden, wahrscheinlich von einem Texturepack. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.