Luna Stellar | 21.10.2021 16:04 | Win10 pro, Trojan from ( Windows reinstallation carried out. Sorry about the log files.
The original files are on the other hard drive. Only the other hard drives are formatted.
I don't have a backup, and at the moment I'm not exactly sure what exactly is meant.
I actually didn't want any traces of the old Windows, which is why I formatted the hard drive in the Windows installation tool before I installed Windows.
In the meantime I have already downloaded a few more games and programs again, but I hope that won't matter; otherwise I'll scan again.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by deniz (administrator) on DESKTOP-RFV8NSG (21-10-2021 00:28:48)
Running from C:\Users\deniz\Downloads
Loaded Profiles: deniz
Platform: Microsoft Windows 10 Pro Version 21H1 19043.928 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryWebBrowserEdge.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.08\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.12.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google) C:\Users\deniz\AppData\Local\Google\Chrome\User Data\SwReporter\93.269.200\software_reporter_tool.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.50\msedgewebview2.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.925_none_e76d4f6f260a683e\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\deniz\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\deniz\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\deniz\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64"
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\deniz\AppData\Local\Microsoft\OneDrive\19.043.0304.0013"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1144C620-B052-4D38-8999-E0C75CC7687E} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d7c600ecff7ef0 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {26C00CF4-0065-4A46-83B6-0536BAC4DD9B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {4E7A0BA3-1A56-4465-81E8-79420CA1007C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-21] (Google LLC -> Google LLC)
Task: {591E6230-733C-43ED-897D-025558E8DFA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-21] (Google LLC -> Google LLC)
Task: {754B0C45-C2C9-4BDD-9420-4563A3D4FE8F} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
Task: {A6DA43BB-14DA-4C1F-9D2C-89E1011867AC} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [104600 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
Task: {DA74184A-2843-4E88-8E42-E766C2A6F234} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe [764152 2021-06-10] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {DAFDCF30-049C-4C60-B591-F7AB8AB9978F} - System32\Tasks\ASUS\NoiseCancelingEngine.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241448 2021-06-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {E59D2B69-DDFD-464C-84F8-A69F3766CBFD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [44588888 2021-08-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {FA23BB0C-EAB5-44EB-9DB4-DC275864DBA7} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2179960 2021-09-16] (ASUSTeK Computer Inc. -> ASUS)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{af2f6ff4-8bcf-4309-9881-985e8c90fc2a}: [DhcpNameServer]
Edge Profile: C:\Users\deniz\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-21]
CHR Profile: C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default [2021-10-21]
CHR HomePage: Default -> hxxps//
CHR StartupUrls: Default -> "hxxps//","hxxps//","hxxps//"
CHR Extension: (Präsentationen) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-21]
CHR Extension: (Docs) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-21]
CHR Extension: (Google Drive) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-21]
CHR Extension: (YouTube) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-21]
CHR Extension: (Watch2Gether) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-10-21]
CHR Extension: (uBlock Origin) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-21]
CHR Extension: (Adblock für Youtube™) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2021-10-21]
CHR Extension: (Tabellen) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-21]
CHR Extension: (Cisco Webex Extension) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-10-21]
CHR Extension: (Behind The Overlay) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2021-10-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-21]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2021-10-21]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2021-10-21]
CHR Extension: (Sand) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdknckljjbdpkhgmcokoahffbdinafbo [2021-10-21]
CHR Extension: (Google Mail) - C:\Users\deniz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349928 2021-10-07] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.08\atkexComSvc.exe [456520 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-08-20] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.11\AsusFanControlService.exe [2201416 2021-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [167384 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [842128 2021-10-21] (ASUSTeK Computer Inc. -> )
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3565600 2021-08-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5937384 2021-08-20] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2021-08-20] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cpuz152; C:\Windows\temp\cpuz152\cpuz152_x64.sys [35840 2021-10-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 02:07 - 2021-10-21 00:08 - 000000000 ____D C:\Windows\Panther
2021-10-21 00:28 - 2021-10-21 00:29 - 000014707 _____ C:\Users\deniz\Downloads\FRST.txt
2021-10-21 00:28 - 2021-10-21 00:28 - 002310656 _____ (Farbar) C:\Users\deniz\Downloads\FRST64.exe
2021-10-21 00:28 - 2021-10-21 00:28 - 000000000 ____D C:\FRST
2021-10-21 00:26 - 2021-10-21 00:26 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2021-10-21 00:26 - 2021-10-21 00:26 - 000000000 ____D C:\Users\deniz\AppData\Local\Comms
2021-10-21 00:26 - 2021-10-21 00:26 - 000000000 ____D C:\Users\deniz\AppData\Local\ASUS
2021-10-21 00:26 - 2021-10-21 00:26 - 000000000 ____D C:\Program Files (x86)\LightingService
2021-10-21 00:25 - 2021-10-21 00:26 - 000000000 ____D C:\Program Files\ASUS
2021-10-21 00:25 - 2021-10-21 00:25 - 000000000 ____D C:\Program Files\PHISON
2021-10-21 00:25 - 2021-10-21 00:25 - 000000000 ____D C:\Program Files\PD
2021-10-21 00:25 - 2021-10-21 00:25 - 000000000 ____D C:\Program Files\Patriot
2021-10-21 00:25 - 2021-10-21 00:25 - 000000000 ____D C:\Program Files\ENE
2021-10-21 00:25 - 2021-10-21 00:25 - 000000000 ____D C:\Program Files (x86)\ENE
2021-10-21 00:25 - 2021-08-20 11:06 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\Windows\system32\AsIO3.dll
2021-10-21 00:25 - 2021-08-20 11:06 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsIO3.dll
2021-10-21 00:25 - 2021-08-20 11:06 - 000043160 _____ C:\Windows\system32\Drivers\AsIO3.sys
2021-10-21 00:25 - 2020-05-12 01:28 - 000020992 _____ C:\Windows\system32\Drivers\ene.sys
2021-10-21 00:25 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\Windows\system32\Drivers\MsIo64.sys
2021-10-21 00:25 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\Windows\system32\Drivers\MsIo64.old
2021-10-21 00:24 - 2021-10-21 00:26 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-21 00:24 - 2021-10-21 00:26 - 000000000 ____D C:\Users\deniz\AppData\Local\AcSdkInsLog
2021-10-21 00:24 - 2021-10-21 00:24 - 000000000 ____D C:\Users\deniz\AppData\Local\PeerDistRepub
2021-10-21 00:23 - 2021-10-21 00:23 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-21 00:23 - 2021-10-21 00:23 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-21 00:23 - 2021-10-21 00:23 - 000000000 ____D C:\Program Files\Google
2021-10-21 00:22 - 2021-10-21 00:28 - 000000000 ____D C:\Users\deniz\AppData\Local\Google
2021-10-21 00:22 - 2021-10-21 00:28 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-21 00:22 - 2021-10-21 00:26 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2021-10-21 00:22 - 2021-10-21 00:22 - 001341272 _____ (Google LLC) C:\Users\deniz\Downloads\ChromeSetup.exe
2021-10-21 00:22 - 2021-10-21 00:22 - 000003632 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-21 00:22 - 2021-10-21 00:22 - 000003508 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-21 00:21 - 2021-10-21 00:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-21 00:21 - 2021-10-21 00:26 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-10-21 00:21 - 2021-10-21 00:23 - 000000000 ___RD C:\Users\deniz\OneDrive
2021-10-21 00:21 - 2021-10-21 00:21 - 001189784 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\AsusDownloadAgent.exe
2021-10-21 00:21 - 2021-10-21 00:21 - 000378376 _____ C:\Windows\system32\syncas.dll
2021-10-21 00:21 - 2021-10-21 00:21 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3940181809-1686576957-2779795201-1001
2021-10-21 00:21 - 2021-10-21 00:21 - 000000000 ___HD C:\OneDriveTemp
2021-10-21 00:21 - 2021-10-21 00:21 - 000000000 ____D C:\Users\deniz\AppData\Local\PlaceholderTileLogoFolder
2021-10-21 00:21 - 2021-10-21 00:21 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-21 00:21 - 2019-04-09 18:27 - 000033832 _____ C:\Windows\system32\Drivers\AsIO2.sys
2021-10-21 00:21 - 2019-04-09 17:22 - 000120880 _____ C:\Windows\system32\AsIO2.dll
2021-10-21 00:21 - 2019-04-09 17:22 - 000095280 _____ C:\Windows\SysWOW64\AsIO2.dll
2021-10-21 00:19 - 2021-10-21 00:28 - 000000000 ____D C:\Users\deniz\AppData\Local\Packages
2021-10-21 00:19 - 2021-10-21 00:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-21 00:19 - 2021-10-21 00:26 - 000000000 ____D C:\ProgramData\Packages
2021-10-21 00:19 - 2021-10-21 00:25 - 000000000 ____D C:\Users\deniz\AppData\Local\D3DSCache
2021-10-21 00:19 - 2021-10-21 00:19 - 000000000 ___RD C:\Users\deniz\3D Objects
2021-10-21 00:19 - 2021-10-21 00:19 - 000000000 ____D C:\Users\deniz\AppData\Roaming\Adobe
2021-10-21 00:19 - 2021-10-21 00:19 - 000000000 ____D C:\Users\deniz\AppData\Local\VirtualStore
2021-10-21 00:19 - 2021-10-21 00:19 - 000000000 ____D C:\Users\deniz\AppData\Local\Publishers
2021-10-21 00:19 - 2021-10-21 00:19 - 000000000 ____D C:\Users\deniz\AppData\Local\ConnectedDevicesPlatform
2021-10-21 00:17 - 2021-10-21 00:21 - 000002367 _____ C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-21 00:17 - 2021-10-21 00:21 - 000000000 ____D C:\Users\deniz
2021-10-21 00:17 - 2021-10-21 00:19 - 000000000 ____D C:\Program Files (x86)\Razer
2021-10-21 00:17 - 2021-10-21 00:17 - 000000020 ___SH C:\Users\deniz\ntuser.ini
2021-10-21 00:17 - 2021-10-21 00:17 - 000000000 ____D C:\ProgramData\Razer
2021-10-21 00:17 - 2021-08-31 02:02 - 000079840 _____ (Razer Inc) C:\Windows\system32\RazerS3Coinstaller.dll
2021-10-21 00:16 - 2021-10-21 00:21 - 000338272 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2021-10-21 00:13 - 2021-10-21 00:20 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-21 00:11 - 2021-10-21 00:11 - 000000000 ____D C:\Windows\CSC
2021-10-21 00:09 - 2021-10-21 00:11 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2021-10-21 00:09 - 2021-10-21 00:09 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2021-10-21 00:09 - 2021-10-21 00:09 - 000000000 _SHDL C:\Documents and Settings
2021-10-21 00:09 - 2021-10-21 00:09 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2021-10-21 00:09 - 2021-10-21 00:09 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2021-10-21 00:09 - 2021-10-21 00:09 - 000000000 ____D C:\Users\defaultuser0
2021-10-21 00:09 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-21 00:08 - 2021-10-21 00:26 - 000000000 ____D C:\ProgramData\ASUS
2021-10-21 00:08 - 2021-10-21 00:16 - 000880672 _____ C:\Windows\system32\wpbbin.exe
2021-10-21 00:08 - 2021-10-21 00:16 - 000842128 _____ C:\Windows\system32\AsusUpdateCheck.exe
2021-10-21 00:08 - 2021-10-21 00:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-21 00:08 - 2021-10-21 00:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-21 00:08 - 2021-10-21 00:09 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-21 00:08 - 2021-10-21 00:09 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-21 00:08 - 2021-10-21 00:08 - 000257920 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-21 00:08 - 2021-10-21 00:08 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-21 00:08 - 2021-10-21 00:08 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-21 00:08 - 2021-10-21 00:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-10-21 00:08 - 2021-10-21 00:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-21 00:08 - 2021-10-21 00:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-21 00:08 - 2021-10-21 00:08 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 02:07 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-10-21 00:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-21 00:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-21 00:24 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-21 00:19 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2021-10-21 00:18 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-21 00:16 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-21 00:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-21 00:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-21 00:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-21 00:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\
2021-10-21 00:16 - 2019-12-07 11:03 - 000262144 _____ C:\Windows\system32\config\BBI
2021-10-21 00:11 - 2019-12-07 16:46 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-10-21 00:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2021-10-21 00:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-10-21 00:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-21 00:08 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-10-21 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2021-10-21 00:08 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
--- --- ---
Code:
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by deniz (21-10-2021 00:29:15)
Running from C:\Users\deniz\Downloads
Microsoft Windows 10 Pro Version 21H1 19043.928 (X64) (2021-10-20 22:09:23)
Boot Mode: Normal
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3940181809-1686576957-2779795201-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3940181809-1686576957-2779795201-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3940181809-1686576957-2779795201-1000 - Limited - Disabled) => C:\Users\defaultuser0
deniz (S-1-5-21-3940181809-1686576957-2779795201-1001 - Administrator - Enabled) => C:\Users\deniz
Guest (S-1-5-21-3940181809-1686576957-2779795201-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3940181809-1686576957-2779795201-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 4.2.12 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{37daa872-b179-48ca-a185-be987f7c63cf}) (Version: - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{9c72488b-eb92-40bd-94a3-de309514c154}) (Version: - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{c347309a-a19c-44af-9d6c-5c60ba1ba83b}) (Version: - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.07 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{8bf47d14-406b-49e8-8759-966757033aa0}) (Version: - ASUSTek COMPUTER INC.)
ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: - ASUSTek COMPUTER INC.) Hidden
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 2.00.13 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.14 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{c6391bdc-929f-4a9f-98cd-9a3038379379}) (Version: 1.1.14 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.18 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.18 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.18 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{2f406341-f76d-47c9-a781-b6d186b55b00}) (Version: 3.05.18 - ASUSTeK Computer Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{413fe4b8-1352-4234-a775-ff2f04ad9042}) (Version: - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{bf1d7028-d935-477f-b5b2-053062f9b527}) (Version: - ENE TECHNOLOGY INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{26b750af-32e4-4afb-aed3-d4c571b122ad}) (Version: 1.1.8 - KINGSTON COMPONENTS INC.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{3c403389-0bc5-4298-bebf-09de0c0b745d}) (Version: - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: - PHISON Electronics Corp.) Hidden
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 1.00.10 - ASUSTek Computer Inc.)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: - ASUSTek COMPUTER INC.)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: - PD)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{589d5178-7c46-4052-8509-a0685184d622}) (Version: - ENE TECHNOLOGY INC.) Hidden
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.12.0_x64__qmba6cd70vzyy [2021-10-21] (ASUSTeK COMPUTER INC.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\deniz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
==================== Loaded Modules (Whitelisted) =============
2021-08-18 14:27 - 2021-08-18 14:27 - 000477696 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000471040 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2021-08-18 14:27 - 2021-08-18 14:27 - 000454656 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2021-10-21 00:26 - 2021-08-25 17:50 - 001149952 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\DIP4FanCalibration.dll
2021-10-21 00:26 - 2021-08-25 17:54 - 001542144 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AiSuiteSDK\swInterface.dll
2021-10-21 00:24 - 2019-12-23 18:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-08-18 14:27 - 2021-08-18 14:27 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2021-10-21 00:26 - 2021-10-21 00:26 - 077628928 _____ () [File not signed] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_4.2.12.0_x64__qmba6cd70vzyy\ArmouryCrate.dll
2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2021-10-21 00:24 - 2019-06-26 16:07 - 003394560 _____ (The OpenSSL Project, hxxp// [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2021-10-21 00:24 - 2019-06-26 16:07 - 000679424 _____ (The OpenSSL Project, hxxp// [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKU\S-1-5-21-3940181809-1686576957-2779795201-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//{searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//{searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//{searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//{searchTerms}&FORM=IE8SRC
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3940181809-1686576957-2779795201-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3940181809-1686576957-2779795201-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\deniz\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{98557AE7-5327-4912-B2E0-B7A8D9CC575D}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{73D2F64D-86DF-4DDF-8B16-E3C0B14F6766}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
FirewallRules: [{688CD9D9-F0E9-4D0D-895F-AAAC59D122DE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{061453C5-B62E-468D-9E10-19949FD48E3D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D62DC37D-55AC-42AB-9A6D-C3717FB6E79C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{A59A7C89-7FDC-48D7-9A4F-631850931977}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{C6D884D0-1067-4BAB-8F4F-FE3984A64772}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
==================== Restore Points =========================
21-10-2021 00:15:31 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: CV1 External Camera
Description: CV1 External Camera
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: CV1 External Camera
Description: CV1 External Camera
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: CV1 External Camera
Description: CV1 External Camera
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: GoXLRMini
Description: USB Audio 2.0
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: usbaudio2
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: PCI Encryption/Decryption Controller
Description: PCI Encryption/Decryption Controller
Class Guid:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
Error: (10/21/2021 12:16:42 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-RFV8NSG$ via failed:
GetCACaps: Not Found
{"Message":"The authority \"\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 20 Oct 2021 22:16:43 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 364ca8ab-e4db-41d9-8adb-13c055dddceb
Method: GET(218ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/21/2021 12:11:26 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WIN-E9LUH5JB8EK$ via failed:
GetCACaps: Not Found
{"Message":"The authority \"\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 20 Oct 2021 22:11:26 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2e2f1e7b-13a8-4a32-9b6a-43d23428216e
Method: GET(203ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/21/2021 12:11:24 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.
Error: (10/21/2021 12:09:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The ESENT error was: -1409.
System errors:
Error: (10/21/2021 12:16:35 AM) (Source: usbaudio2) (EventID: 37) (User: )
Description: The driver could not find a feedback endpoint for an asynchronous data OUT endpoint on device \Device\0000005f.
Error: (10/21/2021 12:11:23 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Printer Extensions and Notifications service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (10/21/2021 12:09:15 AM) (Source: usbaudio2) (EventID: 37) (User: )
Description: The driver could not find a feedback endpoint for an asynchronous data OUT endpoint on device \Device\0000005e.
Error: (10/21/2021 12:08:14 AM) (Source: usbaudio2) (EventID: 37) (User: )
Description: The driver could not find a feedback endpoint for an asynchronous data OUT endpoint on device \Device\0000008f.
Error: (10/21/2021 12:08:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The netprofm service terminated with the following error:
The device is not ready.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 4021 08/09/2021
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 8%
Total physical RAM: 65444.81 MB
Available physical RAM: 59957.55 MB
Total Virtual: 75172.81 MB
Available Virtual: 70037.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:953.85 GB) (Free:894.04 GB) NTFS
Drive d: () (Fixed) (Total:232.19 GB) (Free:232.09 GB) NTFS
Drive e: (Files) (Fixed) (Total:2794.5 GB) (Free:2424.3 GB) NTFS
Drive f: () (Fixed) (Total:465.75 GB) (Free:465.64 GB) NTFS
\\?\Volume{34508798-05e2-4d5e-a052-d35964c5c876}\ () (Fixed) (Total:0.58 GB) (Free:0.57 GB) NTFS
\\?\Volume{075ef1eb-41c7-47de-bdcd-8577755fc0f6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
Disk: 3 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ======================= |