Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: German authorities identify REvil and GangCrab ransomware bosses

Featured Deal: Protect up to 9 devices from ads and tracking for just $16 in this AdGuard deal

Latest Buyer's Guide: Best VPNs in 2025

Am I infected with RelevantKnowledge - Win64 / Adware.RK ?

Started by adamim , Mar 08 2021 04:42 PM

This topic is locked

18 replies to this topic

#1 adamim

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 08 March 2021 - 04:42 PM

hello everyone while installing a program ***link removed*** application; connection terminated; An event was seen when the application was trying to access the web: C: \ Users \ fgurz \ AppData \ Local \ Temp \ is-0UDL7.tmp \ MP4ToMP3Converter.tmp (7E1E60443F8A304CFDF2F6CBD29B70285A0F9E26) .; 406A31A34160E6E548E1D253.2034FD7399D241462;

Time; Browser; Object type; Object; Detection; Action; User; Information; Mixt; First seen here
7.03.2021 20: 33: 21; Startup browser; file; Operating memory = C: \ Windows \ System32 \ rlls64.dll; application variant Win64 / Adware.RK.A; cleared (after next reboot) ;;; 27AF32336D31003A2FC18D984FAC9AD50ED6A2ED ; 7.03.2021 20:22:41

Time; Browser; Object type; Object; Detection; Action; User; Information; Mixt; First seen here
7.03.2021 20: 23: 24; Real-time file system protection; file; C: \ Program Files (x86) \ RelevantKnowledge \ rlvknlg.exe; application variant Win32 / Adware.RK.AA; cleared by deletion; DESKTOP-LI7N8SG \ fgurz An event occurred while the application was trying to run the file: C: \ Windows \ SysWOW64 \ dllhost.exe (497B8CE238DB644B7E1A16B417DBB5BC052A2684) .; F3CDE92E43CDA57E44BF69732E756B8E0A48181F; 7.03.2021 20:22:40

Time; Browser; Object type; Object; Detection; Action; User; Information; Mixt; First seen here
7.03.2021 20: 32: 49; Startup browser; file; c: \ program files (x86) \ relevantknowledge \ rlservice.exe; application variant Win32 / Adware.RK; cleared by deletion ;;; 319A156CA507067D7455ED4F7C2F413D91DA0743; 7.03.2021 20:22 : 39

other files removed by virus from the following virus retrieved. I heard that it can even copy itself to a MBR detached unit. Currently there is no abnormality on the computer. FRST and Addition files of FRST64 program are attached. Is there a problem on my computer due to the virus I mentioned? Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by fgurz (administrator) on DESKTOP-LI7N8SG (Acer Aspire 5742G) (09-03-2021 00:13:11)
Running from C:\Users\fgurz\Desktop
Loaded Profiles: fgurz & MSSQL$HIZIR
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Türkçe (Türkiye)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerGuncelleme.exe
(Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerManagement.exe
(Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerService.exe
(Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerServiceConn.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.841_none_e753ac89261e3d9d\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9331776 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Run: [HizirMessenger] => C:\HIZIRBILISIM\HizirMessenger\HizirMessenger.exe [31744 2020-06-26] () [File not signed]
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Run: [ArkSigner] => C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerManagement.exe [2675064 2019-03-22] (Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.)
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11221496 2021-03-02] (Support.com Inc -> SUPERAntiSpyware)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat DC\Esl\Aiod.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {061357AC-9869-4C7A-94CC-7088C03F4C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-07] (Google LLC -> Google LLC)
Task: {1899A711-D2CE-497D-8754-50F45E4D48E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915216 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {23846FE6-3077-4A4B-8C2F-2A605A3A0C83} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118096 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {32EF8998-B0FB-4653-BAD4-161093285AAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915216 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {59FBF012-5F47-441C-BA5A-CD4334035BE2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D8DB7AC-C292-4A3A-AFFD-DB7F3B416709} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {74207539-8494-4374-B615-076375A0ABF5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118096 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {77559DD8-B443-46E9-A5FE-EC123D8040BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5ACEA01-6AB4-4EF7-9371-63AAF63089A9} - System32\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:42cc1745-7e35-48fb-8229-be2a7e66a69f
Task: {B8084363-7839-46A4-B36B-A889A09B58B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-07] (Google LLC -> Google LLC)
Task: {C425F456-9D5C-4B8C-811F-EB8A11089395} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {EE3BDBE0-F81E-4FD1-99A5-2ECD5C923C1B} - System32\Tasks\SUPERAntiSpyware Scheduled Task eafb23f8-4d03-4cc0-a065-f5ae09142d5c => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:eafb23f8-4d03-4cc0-a065-f5ae09142d5c

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eafb23f8-4d03-4cc0-a065-f5ae09142d5c.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 local.pwsigner.ark-teknoloji.com
Tcpip\Parameters: [DhcpNameServer] 195.175.39.49 195.175.39.50
Tcpip\..\Interfaces\{027077c2-432f-4ae3-90d0-53e07675f850}: [DhcpNameServer] 195.175.39.49 195.175.39.50

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fgurz\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-07]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-05-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Firefox\Extensions: [arksignermozillafirefoxextension@ark-teknoloji.com] - C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\firefox\arksignermozillafirefoxextension@ark-teknoloji.com => not found
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default [2021-03-09]
CHR DownloadDir: C:\Users\fgurz\Desktop
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (YouTube) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-03-07]
CHR Extension: (E-Reçete Barkod Yazdır) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coebkbkoamlngilohbmgnafolppgoanh [2021-03-07]
CHR Extension: (Avast Online Security) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-07]
CHR Extension: (The Great Suspender) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignechgpokdmbnbfpnhnjmhgdnlcopna [2021-03-07]
CHR Extension: (Emsisoft Browser Security) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfofijpkapingknllefalncmbiienkab [2021-03-08]
CHR Extension: (RCTKiT - Karekodlu E-reçete Yazdır) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhelgilkmdppmjcfjfgbnpeigiamfdkf [2021-03-07]
CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]
CHR Extension: (ArkSigner) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllcidbcfbamjfbfpemnnjohnfcliakf [2021-03-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [pllcidbcfbamjfbfpemnnjohnfcliakf]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9809008 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
S2 AntiRansom4; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Home 4\anti_ransom.exe [228968 2020-10-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-05] (Microsoft Windows -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [13318648 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1445584 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-07] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$HIZIR; C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe [365464 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$HIZIR; C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\SQLAGENT.EXE [606104 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-03-08] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2021-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2021-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)
S1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2021-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [656448 2019-12-15] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [92736 2019-12-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [172608 2019-12-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [490576 2020-06-02] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [633600 2020-04-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1217792 2020-04-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1199184 2020-06-02] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [79424 2019-12-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [230976 2020-05-21] (Kaspersky Lab -> AO Kaspersky Lab)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-07] (Malwarebytes Inc -> Malwarebytes)
S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2021-03-08] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2021-03-08] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 00:13 - 2021-03-09 00:14 - 000021720 _____ C:\Users\fgurz\Desktop\FRST.txt
2021-03-09 00:12 - 2021-03-09 00:13 - 000000000 ____D C:\FRST
2021-03-08 23:39 - 2021-03-08 23:47 - 000008512 _____ C:\Users\fgurz\Desktop\Rkill.txt
2021-03-08 23:00 - 2021-03-08 23:00 - 002301440 _____ (Farbar) C:\Users\fgurz\Desktop\FRST64.exe
2021-03-08 20:30 - 2021-03-08 20:30 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-03-08 20:30 - 2021-03-08 20:30 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-03-08 20:30 - 2021-03-08 20:30 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2021-03-08 20:30 - 2021-03-08 20:30 - 000001333 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2021-03-08 20:30 - 2021-03-08 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-03-08 20:30 - 2021-03-08 20:30 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-03-08 20:29 - 2021-03-08 23:46 - 000000000 ____D C:\Users\fgurz\AppData\Local\AMSDK
2021-03-08 20:21 - 2021-03-08 20:28 - 000314508 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_20.21.47_log.txt
2021-03-08 20:20 - 2021-03-08 20:20 - 000005770 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_20.20.15_log.txt
2021-03-08 14:09 - 2021-03-08 14:09 - 000000000 ____D C:\WINDOWS\SysWOW64\%Report%
2021-03-08 14:05 - 2021-03-08 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Ransomware Tool for Home
2021-03-08 14:05 - 2021-03-08 14:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-03-08 14:05 - 2021-03-08 14:05 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-03-08 14:05 - 2020-06-02 20:45 - 001199184 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-03-08 14:05 - 2020-06-02 20:45 - 000490576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-03-08 14:02 - 2021-03-08 15:24 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Installer for Kaspersky Anti-Ransomware Tool for Business
2021-03-08 14:02 - 2021-03-08 14:02 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Kaspersky Anti-Ransomware Tool for Business
2021-03-08 11:38 - 2021-03-08 11:38 - 000000000 ____D C:\KVRT2020_Data
2021-03-08 11:23 - 2021-03-08 11:23 - 000000000 ____D C:\Program Files\HitmanPro
2021-03-08 11:20 - 2021-03-08 11:33 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-08 11:00 - 2021-03-08 11:19 - 000006342 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_11.00.46_log.txt
2021-03-08 10:48 - 2021-03-09 00:15 - 000830735 _____ C:\WINDOWS\ZAM.krnl.trace
2021-03-08 10:48 - 2021-03-09 00:15 - 000142655 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-03-08 10:48 - 2021-03-08 10:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2021-03-08 10:48 - 2021-03-08 10:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2021-03-08 10:47 - 2021-03-08 20:30 - 000000000 ____D C:\Users\fgurz\AppData\Local\Zemana
2021-03-08 10:47 - 2021-03-08 10:48 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger
2021-03-08 10:47 - 2021-03-08 10:47 - 000001226 _____ C:\ProgramData\Desktop\Zemana AntiLogger.lnk
2021-03-08 10:47 - 2021-03-08 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger
2021-03-08 10:47 - 2021-03-08 10:47 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK
2021-03-08 10:47 - 2017-09-12 16:53 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2021-03-08 10:10 - 2021-03-08 10:10 - 000000000 ____D C:\Users\fgurz\Doctor Web
2021-03-08 10:10 - 2021-03-08 10:10 - 000000000 ____D C:\ProgramData\Doctor Web
2021-03-08 05:25 - 2021-03-08 00:44 - 000001110 _____ C:\Users\fgurz\Desktop\Emsisoft Anti-Malware.lnk
2021-03-08 05:21 - 2021-03-08 09:10 - 000000000 ____D C:\ProgramData\Emsisoft
2021-03-08 00:44 - 2021-03-09 00:12 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2021-03-08 00:44 - 2021-03-08 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2021-03-08 00:44 - 2021-03-07 20:02 - 000037776 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\eppdisk.sys
2021-03-08 00:44 - 2021-03-07 20:02 - 000016808 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\EppElam.sys
2021-03-08 00:29 - 2021-03-08 14:02 - 000000000 ____D C:\Users\fgurz\Desktop\Yeni klasör
2021-03-07 23:04 - 2021-03-08 20:21 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eafb23f8-4d03-4cc0-a065-f5ae09142d5c.job
2021-03-07 23:04 - 2021-03-08 20:21 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f.job
2021-03-07 23:04 - 2021-03-07 23:04 - 000003786 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task eafb23f8-4d03-4cc0-a065-f5ae09142d5c
2021-03-07 23:04 - 2021-03-07 23:04 - 000003704 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f
2021-03-07 23:04 - 2021-03-07 23:04 - 000001849 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Professional X.lnk
2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\SUPERAntiSpyware.com
2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-03-07 22:35 - 2021-03-07 22:37 - 000000000 ____D C:\AdwCleaner
2021-03-07 20:41 - 2021-03-07 20:41 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-07 20:41 - 2021-03-07 20:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-07 20:41 - 2021-03-07 20:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-07 20:41 - 2021-03-07 20:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-07 20:41 - 2021-03-07 20:41 - 000000000 ____D C:\Users\fgurz\AppData\Local\mbam
2021-03-07 20:41 - 2021-03-07 20:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-07 20:38 - 2021-03-07 20:38 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-07 20:15 - 2021-03-07 20:15 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\MP4 to MP3 Converter
2021-03-07 20:14 - 2021-03-07 20:14 - 000000000 ____D C:\Users\fgurz\AppData\Local\ESET
2021-03-07 19:38 - 2021-03-07 19:38 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Uygulamaları
2021-03-07 14:49 - 2021-03-07 14:49 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-07 14:49 - 2021-03-07 14:49 - 000002278 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-07 14:49 - 2021-03-07 14:49 - 000000000 ____D C:\Program Files\Google
2021-03-07 14:48 - 2021-03-07 14:48 - 000003540 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-07 14:48 - 2021-03-07 14:48 - 000003416 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-07 14:15 - 2021-03-07 14:16 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArkSigner
2021-03-07 14:13 - 2021-03-07 14:13 - 000000000 ____D C:\Program Files (x86)\Ark
2021-03-06 23:20 - 2021-03-06 23:20 - 000000506 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\ProgramData\ESET
2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\Program Files\ESET
2021-03-05 13:18 - 2021-03-05 13:18 - 003168869 _____ C:\Users\fgurz\Desktop\WHO STRESLI ZAMANLARDA NE YAPMALI7.pdf
2021-03-05 13:16 - 2021-03-08 19:17 - 000000100 _____ C:\Users\fgurz\Downloads\rufus.ini
2021-03-05 10:55 - 2021-03-05 10:56 - 000000000 ____D C:\Users\fgurz\AppData\Local\Deployment
2021-03-05 09:34 - 2021-03-05 09:34 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-05 09:34 - 2021-03-05 09:34 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-05 09:34 - 2021-03-05 09:34 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-05 09:33 - 2021-03-05 09:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-05 09:33 - 2021-03-05 09:33 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-05 09:33 - 2021-03-05 09:33 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-05 09:33 - 2021-03-05 09:33 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-04 20:52 - 2021-03-04 20:52 - 000000052 _____ C:\Users\fgurz\AppData\Local\xx.ini
2021-03-04 20:52 - 2021-03-04 20:52 - 000000000 ____D C:\Users\fgurz\AppData\Local\Alpemix
2021-03-04 05:32 - 2021-03-04 05:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-04 05:30 - 2021-03-04 05:30 - 000000020 ___SH C:\Users\fgurz\ntuser.ini
2021-03-04 05:29 - 2021-03-08 21:48 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ED633777-C722-4D5B-9A44-3E8AAC6C4196}
2021-03-04 05:29 - 2021-03-08 20:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-04 05:29 - 2021-03-04 05:30 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 05:29 - 2021-03-04 05:29 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-03-04 05:29 - 2021-03-04 05:29 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-03-04 05:29 - 2021-03-04 05:29 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 05:27 - 2021-03-08 20:28 - 001825484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-04 05:20 - 2021-03-08 20:22 - 000000000 ____D C:\Users\fgurz
2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Videolarım
2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Resimlerim
2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Müziğim
2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Belgelerim
2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar
2021-03-04 05:20 - 2019-12-07 12:10 - 000001105 _____ C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 05:19 - 2016-12-29 15:28 - 000133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2021-03-04 05:18 - 2021-03-04 05:18 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-03-04 05:18 - 2017-01-17 05:57 - 000222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-04 05:18 - 2016-09-09 21:25 - 000269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-04 05:18 - 2016-09-09 21:25 - 000261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-04 05:18 - 2016-09-09 21:25 - 000110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-04 05:18 - 2016-09-09 21:24 - 000125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-04 05:17 - 2021-03-08 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-04 05:17 - 2021-03-06 00:30 - 000450472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-04 05:16 - 2021-03-08 20:21 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-04 05:16 - 2021-03-04 05:30 - 000000000 ____D C:\Windows.old
2021-03-04 05:11 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-04 05:09 - 2021-03-04 05:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-04 05:09 - 2021-03-04 05:09 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-04 05:07 - 2021-03-04 05:07 - 000000000 ____D C:\ProgramData\ssh
2021-03-04 05:02 - 2021-03-04 05:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-04 05:02 - 2021-03-04 05:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-04 05:02 - 2021-03-04 05:02 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-03-04 05:02 - 2021-03-04 05:02 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-03-04 05:02 - 2021-03-04 05:02 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-03-04 05:02 - 2021-03-04 05:02 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-03-04 05:02 - 2021-03-04 05:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-04 05:01 - 2021-03-04 05:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-04 05:01 - 2021-03-04 05:01 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-04 05:01 - 2021-03-04 05:01 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-04 05:01 - 2021-03-04 05:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-04 05:01 - 2021-03-04 05:01 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-04 05:01 - 2021-03-04 05:01 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-04 05:01 - 2021-03-04 05:01 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-04 05:01 - 2021-03-04 05:01 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-04 05:01 - 2021-03-04 05:01 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-04 05:01 - 2021-03-04 05:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-04 05:00 - 2021-03-04 05:00 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-04 05:00 - 2021-03-04 05:00 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-04 05:00 - 2021-03-04 05:00 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-04 05:00 - 2021-03-04 05:00 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-04 05:00 - 2021-03-04 05:00 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-04 05:00 - 2021-03-04 05:00 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-04 05:00 - 2021-03-04 05:00 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-04 05:00 - 2021-03-04 05:00 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-04 05:00 - 2021-03-04 05:00 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-04 05:00 - 2021-03-04 05:00 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-04 05:00 - 2021-03-04 05:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-04 05:00 - 2021-03-04 05:00 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-04 05:00 - 2021-03-04 05:00 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-04 04:59 - 2021-03-04 04:59 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-04 04:59 - 2021-03-04 04:59 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-04 04:59 - 2021-03-04 04:59 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-04 04:59 - 2021-03-04 04:59 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-04 04:59 - 2021-03-04 04:59 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-04 04:59 - 2021-03-04 04:59 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-04 04:59 - 2021-03-04 04:59 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files\MSBuild
2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-03 23:12 - 2021-03-04 05:30 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-03 22:42 - 2021-03-03 22:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2021-03-03 21:54 - 2021-03-03 21:54 - 000000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2021-03-03 21:11 - 2021-03-03 21:11 - 000000000 ___HD C:\$Windows.~WS
2021-03-03 19:35 - 2021-03-03 19:27 - 001755016 _____ (Teknopars Bilisim) C:\Users\fgurz\Desktop\hizirbilisimCMX.exe
2021-03-03 16:57 - 2021-03-03 16:57 - 000617667 _____ C:\Users\fgurz\Desktop\çit tasıyıcı gebe bildirim formu.pdf
2021-03-03 16:25 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2021-03-03 16:25 - 2021-03-03 16:25 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\MPC-HC
2021-03-03 16:25 - 2021-03-03 16:25 - 000000000 ____D C:\Program Files\MPC-HC
2021-03-02 21:36 - 2021-03-02 21:36 - 000000000 ____D C:\Users\fgurz\AppData\Local\IsolatedStorage
2021-03-02 21:34 - 2021-03-02 21:34 - 000000000 ___HD C:\$WinREAgent
2021-03-02 21:30 - 2021-03-05 10:56 - 000000000 ____D C:\Users\fgurz\.sertifikadeposu
2021-03-02 21:30 - 2021-03-02 21:30 - 000000000 ____D C:\AkisLog
2021-03-02 17:13 - 2021-03-02 17:13 - 000000190 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2021-03-02 17:02 - 2021-03-04 05:20 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T.C. Sağlık Bakanlığı
2021-03-02 15:33 - 2021-03-02 15:33 - 000000000 ___RD C:\Users\fgurz\AppData\Roaming\Brother
2021-03-02 15:33 - 2021-03-02 15:33 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Brother
2021-03-02 13:56 - 2021-03-06 15:53 - 000059392 _____ C:\Users\fgurz\Desktop\COVID AŞI 65 YAS USTU.xls
2021-03-01 15:53 - 2021-03-01 15:53 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\ControlCenter4
2021-03-01 15:52 - 2021-03-06 00:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-01 10:29 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-03-01 10:29 - 2021-03-01 10:29 - 000002132 _____ C:\ProgramData\Desktop\Brother Utilities.lnk
2021-03-01 10:29 - 2021-03-01 10:29 - 000000093 _____ C:\WINDOWS\brpcfx.ini
2021-03-01 10:29 - 2021-03-01 10:29 - 000000024 _____ C:\WINDOWS\Brpfx04a.ini
2021-03-01 10:28 - 2021-03-07 09:39 - 000000000 ____D C:\Brother
2021-03-01 10:28 - 2021-03-01 10:29 - 000000066 _____ C:\WINDOWS\Brfaxrx.ini
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\ProgramData\PCFaxTx
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\ProgramData\ControlCenter4
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\Browny02
2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\Brother
2021-03-01 10:28 - 2014-11-26 10:10 - 000180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2021-03-01 10:28 - 2014-11-26 10:10 - 000077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL
2021-03-01 10:28 - 2014-11-26 10:10 - 000045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL
2021-03-01 10:28 - 2014-11-26 10:10 - 000025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL
2021-03-01 10:28 - 2014-11-26 10:10 - 000000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI
2021-03-01 10:28 - 2014-11-26 10:09 - 000000050 _____ C:\WINDOWS\system32\BRADM13A.DAT
2021-03-01 10:28 - 2014-11-25 19:08 - 000227840 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL
2021-03-01 10:28 - 2013-07-12 14:03 - 000214016 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2021-03-01 10:28 - 2013-03-12 15:50 - 001442304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi213b.dll
2021-03-01 10:28 - 2013-03-08 09:45 - 000054272 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi13b.dll
2021-03-01 10:28 - 2012-12-12 11:37 - 000318464 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2021-03-01 10:28 - 2012-12-03 13:39 - 000002560 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2021-03-01 10:28 - 2012-07-06 13:56 - 000012800 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\BrCiImg.dll
2021-03-01 10:28 - 2011-09-08 12:36 - 000279040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll
2021-03-01 10:28 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2021-03-01 10:28 - 2008-10-16 14:12 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2021-03-01 10:10 - 2021-03-01 10:10 - 000000000 ____D C:\ZIJIANG Printer Driver V11.3.0.1
2021-03-01 10:07 - 2021-03-01 10:07 - 001174979 _____ C:\WINDOWS\unins000.exe
2021-03-01 10:07 - 2021-03-01 10:07 - 000008829 _____ C:\WINDOWS\unins000.dat
2021-03-01 09:59 - 2021-03-01 09:59 - 000000000 ____D C:\Users\fgurz\AppData\Local\ElevatedDiagnostics
2021-03-01 09:39 - 2021-03-01 10:29 - 000000000 ____D C:\ProgramData\Brother
2021-02-28 23:59 - 2021-03-08 11:58 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\WhatsApp
2021-02-28 23:59 - 2021-03-04 05:20 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-02-28 23:58 - 2021-02-28 23:59 - 000000000 ____D C:\Users\fgurz\AppData\Local\WhatsApp
2021-02-28 22:53 - 2021-02-28 22:55 - 000000000 ____D C:\Users\fgurz\Desktop\SAĞLIK OKUYAZARLIK VE DİJİTALLEŞME
2021-02-28 22:47 - 2021-02-28 22:47 - 000001326 _____ C:\Users\fgurz\Desktop\İNCELENECEK YAZILAR - Kısayol.lnk
2021-02-28 22:35 - 2021-02-28 22:35 - 000000761 _____ C:\Users\fgurz\Desktop\CORONAVİRÜS - Kısayol.lnk
2021-02-28 22:30 - 2021-02-28 22:30 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\WinRAR
2021-02-28 22:27 - 2021-02-28 22:28 - 000000000 ____D C:\Users\fgurz\Desktop\REÇETE ve ÖNERİLER
2021-02-28 22:21 - 2021-02-28 22:21 - 000001664 _____ C:\Users\fgurz\Desktop\TeamViewer.lnk
2021-02-28 22:19 - 2021-02-28 22:19 - 000001538 _____ C:\Users\fgurz\Desktop\IPE - Kısayol.lnk
2021-02-28 22:04 - 2021-02-28 22:26 - 000000000 ____D C:\Users\fgurz\Desktop\AŞI
2021-02-28 21:37 - 2021-03-08 20:19 - 000000396 __RSH C:\ProgramData\ntuser.pol
2021-02-28 21:37 - 2021-02-28 21:37 - 001156152 _____ (Akeo Consulting) C:\Users\fgurz\Downloads\rufus-3.13p.exe
2021-02-28 19:06 - 2021-02-28 19:06 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-02-28 19:05 - 2021-02-28 19:05 - 000000000 ____D C:\Program Files\Java
2021-02-28 13:58 - 2021-03-02 21:30 - 000000000 ____D C:\Program Files (x86)\AKIS
2021-02-28 13:48 - 2021-03-04 05:22 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hızır Bilişim
2021-02-28 13:48 - 2021-02-28 13:48 - 000001517 _____ C:\Users\fgurz\Desktop\HIZIR.lnk
2021-02-28 13:48 - 2021-02-28 13:48 - 000000000 ____D C:\Users\fgurz\AppData\Local\Microsoft_Corporation
2021-02-28 13:46 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-02-28 13:46 - 2021-02-28 13:49 - 000000000 ____D C:\Users\fgurz\Documents\SQL Server Management Studio
2021-02-28 13:46 - 2021-02-28 13:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2021-02-28 13:44 - 2021-02-28 13:44 - 000000000 ____D C:\WINDOWS\system32\RsFx
2021-02-28 13:43 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2021-02-28 13:43 - 2021-03-04 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2021-02-28 13:42 - 2021-02-28 13:42 - 000000000 ____D C:\Users\fgurz\Documents\Visual Studio 2010
2021-02-28 13:41 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2021-02-28 13:41 - 2021-02-28 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2021-02-28 13:40 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\1033
2021-02-28 13:40 - 2021-03-03 22:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\WINDOWS\symbols
2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files\Microsoft Help Viewer
2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-02-28 13:28 - 2021-03-03 22:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-02-28 13:23 - 2021-03-08 21:50 - 000000000 ____D C:\HIZIRBILISIM
2021-02-28 13:19 - 2021-02-28 22:21 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\TeamViewer
2021-02-28 13:19 - 2021-02-28 13:22 - 000000000 ____D C:\Users\fgurz\AppData\Local\TeamViewer
2021-02-28 13:19 - 2020-10-08 09:56 - 019407200 _____ (TeamViewer) C:\Users\fgurz\Desktop\UzakYardim.exe
2021-02-28 13:18 - 2021-02-28 13:18 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Teams
2021-02-28 13:17 - 2021-03-01 15:53 - 000000000 ____D C:\Users\fgurz\AppData\Local\SquirrelTemp
2021-02-28 04:30 - 2021-03-04 05:16 - 000000000 ____D C:\Program Files\UNP
2021-02-28 02:44 - 2021-03-03 22:26 - 000000000 ____D C:\ESD
2021-02-28 02:44 - 2021-02-28 02:44 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-02-28 02:43 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-28 02:43 - 2021-02-28 02:43 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-02-28 02:43 - 2021-02-28 02:43 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-02-28 02:29 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Adobe
2021-02-28 02:29 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\CEF
2021-02-28 02:20 - 2021-02-28 13:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-28 02:19 - 2021-02-28 02:19 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-02-28 02:04 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\Adobe
2021-02-28 02:04 - 2021-02-28 02:04 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-02-28 02:04 - 2021-02-28 02:04 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-02-28 02:04 - 2021-02-28 02:04 - 000000040 ____H C:\F07E3F681666
2021-02-28 02:03 - 2021-02-28 02:04 - 000000000 ____D C:\ProgramData\Adobe
2021-02-28 02:03 - 2021-02-28 02:03 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-28 02:01 - 2021-03-04 05:22 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-28 02:01 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-28 02:01 - 2021-03-01 10:03 - 000000000 ____D C:\Program Files\WinRAR
2021-02-28 01:53 - 2021-02-28 13:58 - 000000000 ____D C:\Users\fgurz\AppData\Local\Apps\2.0
2021-02-28 01:51 - 2021-02-28 01:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-02-28 01:48 - 2021-02-28 01:48 - 000000000 ____D C:\Program Files\DIFX
2021-02-28 01:48 - 2021-02-28 01:48 - 000000000 ____D C:\Program Files\Advanced Card Systems Ltd
2021-02-28 01:47 - 2021-02-28 01:47 - 000000000 ____D C:\Users\fgurz\AppData\Local\PeerDistRepub
2021-02-28 01:46 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKIS
2021-02-28 01:46 - 2021-03-02 21:30 - 000002078 _____ C:\ProgramData\Desktop\Akis Kart Izleme Araci.lnk
2021-02-28 01:46 - 2021-02-28 01:46 - 000000000 ____D C:\Program Files\AKIS
2021-02-28 01:38 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-28 01:38 - 2021-02-28 01:38 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Sun
2021-02-28 01:38 - 2021-02-28 01:38 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Sun
2021-02-28 01:38 - 2021-02-28 01:37 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-02-28 01:37 - 2021-02-28 01:37 - 000000000 ____D C:\ProgramData\Oracle
2021-02-28 01:37 - 2021-02-28 01:37 - 000000000 ____D C:\Program Files (x86)\Java
2021-02-28 01:32 - 2021-03-07 14:49 - 000000000 ____D C:\Users\fgurz\AppData\Local\Google
2021-02-28 01:32 - 2021-03-07 14:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-28 01:26 - 2021-02-28 01:26 - 000000000 ____D C:\Users\fgurz\AppData\Local\OneDrive
2021-02-28 01:25 - 2021-02-28 01:25 - 000000000 ____D C:\Users\fgurz\AppData\Local\D3DSCache
2021-02-28 01:15 - 2021-03-04 08:28 - 000000000 ____D C:\Users\fgurz\AppData\Local\PackageStaging
2021-02-27 23:47 - 2021-03-04 07:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-27 23:40 - 2021-02-27 23:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-27 22:16 - 2021-03-08 20:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-27 22:16 - 2021-02-27 22:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-27 22:16 - 2016-12-29 16:16 - 006384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 002475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 000546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 000083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-02-27 22:16 - 2016-12-29 16:16 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-02-27 22:16 - 2016-12-29 16:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-02-27 22:16 - 2016-12-22 02:59 - 007651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-02-27 22:15 - 2021-03-03 16:26 - 000000000 ____D C:\Users\fgurz\AppData\Local\PlaceholderTileLogoFolder
2021-02-27 22:14 - 2021-03-04 05:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-27 22:14 - 2021-02-27 22:14 - 000000000 ___HD C:\Users\fgurz\MicrosoftEdgeBackups
2021-02-27 21:56 - 2021-03-04 05:47 - 000000000 ____D C:\ProgramData\Packages
2021-02-27 21:56 - 2021-02-28 02:24 - 000000000 ____D C:\Users\fgurz\AppData\Local\Comms
2021-02-27 21:46 - 2021-03-04 05:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-27 21:43 - 2021-02-27 21:43 - 000000000 ___HD C:\OneDriveTemp
2021-02-27 21:42 - 2021-02-28 13:18 - 000000000 ___RD C:\Users\fgurz\OneDrive
2021-02-27 21:40 - 2021-02-28 01:31 - 000000000 ____D C:\Users\fgurz\AppData\Local\MicrosoftEdge
2021-02-27 21:39 - 2021-03-07 08:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\Packages
2021-02-27 21:39 - 2021-03-04 05:30 - 000000000 ___RD C:\Users\fgurz\3D Objects
2021-02-27 21:39 - 2021-02-28 22:43 - 000000000 ____D C:\Users\fgurz\AppData\Local\ConnectedDevicesPlatform
2021-02-27 21:39 - 2021-02-28 02:30 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Adobe
2021-02-27 21:39 - 2021-02-28 02:11 - 000000000 ____D C:\Users\fgurz\AppData\Local\VirtualStore
2021-02-27 21:39 - 2021-02-27 21:39 - 000000000 ____D C:\Users\fgurz\AppData\Local\Publishers
2021-02-27 21:30 - 2021-02-27 21:30 - 000000000 ____D C:\WINDOWS\CSC
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Videolarım
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Resimlerim
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Müziğim
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Belgelerim
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programlar
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\ProgramData\Belgeler
2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Documents and Settings
2021-02-27 21:26 - 2021-03-06 11:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-15 16:10 - 2021-02-28 23:59 - 000002203 _____ C:\Users\fgurz\Desktop\WhatsApp.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 00:00 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-08 20:31 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-08 20:28 - 2019-12-07 17:43 - 000705416 _____ C:\WINDOWS\system32\perfh01F.dat
2021-03-08 20:28 - 2019-12-07 17:43 - 000144566 _____ C:\WINDOWS\system32\perfc01F.dat
2021-03-08 20:28 - 2019-12-07 12:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-08 20:20 - 2019-12-07 12:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-08 20:17 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-08 16:09 - 2020-10-22 14:09 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2021-03-08 14:01 - 2019-12-07 12:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-08 10:09 - 2019-06-16 23:59 - 000000000 ____D C:\Users\fgurz\Desktop\TÜM KISAYOLLAR
2021-03-08 00:44 - 2019-12-07 12:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-07 07:56 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-07 02:00 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-07 00:10 - 2019-12-07 12:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-06 00:28 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-06 00:28 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-05 09:38 - 2019-12-07 12:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-04 05:47 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-04 05:31 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-04 05:30 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows NT
2021-03-04 05:29 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-04 05:16 - 2019-12-07 12:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-04 05:16 - 2019-12-07 12:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-04 05:16 - 2019-03-19 07:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-04 05:16 - 2018-09-15 10:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-04 05:16 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-04 05:07 - 2019-12-07 17:45 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-04 05:07 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-04 05:07 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-04 05:06 - 2019-12-07 17:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-04 05:06 - 2019-12-07 17:45 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-04 04:49 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-04 04:49 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-02-28 22:48 - 2021-02-05 11:01 - 000000000 ____D C:\Users\fgurz\Desktop\HASTALIK YÖNETİM PLATFORMU
2021-02-28 22:08 - 2020-11-04 21:47 - 000000000 ____D C:\Users\fgurz\Desktop\İSG MÜDÜRLÜK UZAKTAN EĞİTİM
2021-02-28 22:07 - 2020-11-06 14:01 - 000000000 ____D C:\Users\fgurz\Desktop\Saglık Rapor okunacak yazı
2021-02-28 00:59 - 2019-03-19 07:52 - 000000000 ____D C:\WINDOWS\TextInput
2021-02-25 15:16 - 2019-11-08 10:10 - 000002174 _____ C:\Users\fgurz\Desktop\HER ZAMAN LAZIM OLACAKLAR ASM ICIN - Kısayol.lnk
2021-02-25 15:16 - 2019-11-08 10:10 - 000001976 _____ C:\Users\fgurz\Desktop\Son Dosyalar - Kısayol.lnk
2021-02-25 15:16 - 2019-11-08 10:09 - 000001630 _____ C:\Users\fgurz\Desktop\ÇEŞİTLİ PDF WORD vs - Kısayol.lnk

==================== Files in the root of some directories ========

2021-03-04 20:52 - 2021-03-04 20:52 - 000000052 _____ () C:\Users\fgurz\AppData\Local\xx.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by fgurz (09-03-2021 00:17:27)
Running from C:\Users\fgurz\Desktop
Windows 10 Pro Version 20H2 19042.844 (X64) (2021-03-04 02:30:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3002461710-4275012542-1497869708-500 - Administrator - Disabled)
fgurz (S-1-5-21-3002461710-4275012542-1497869708-1001 - Administrator - Enabled) => C:\Users\fgurz
Guest (S-1-5-21-3002461710-4275012542-1497869708-501 - Limited - Disabled)
VarsayılanHesap (S-1-5-21-3002461710-4275012542-1497869708-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3002461710-4275012542-1497869708-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Emsisoft Anti-Malware Home (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACS Unified PC/SC Driver 4.2.9.0 (HKLM\...\{2AC3CDA9-E2FB-48C0-9FAB-428AF952071E}) (Version: 4.2.9.0 - Advanced Card Systems Ltd.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
AKIS Yonetici x64 (2.7) (HKLM\...\{F8E4B72C-8471-4E18-B9DE-821F1EF7BABD}) (Version: 2.7 - TUBITAK)
AKIS Yonetici x86 (2.5) (HKLM-x32\...\{88F71E60-8972-4E28-B771-14E824700707}) (Version: 2.5 - Şirketinizin Adı)
ArkSigner 2.2.4 sürümü (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\{E01501EB-DED5-4FA7-8173-801F0C8B244F}_is1) (Version: 2.2.4 - ArkSigner Co.)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 21.3.0.10726 - Emsisoft Ltd.)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
GDR 6164 for SQL Server 2014 (KB4583463) (64-bit) (HKLM\...\KB4583463) (Version: 12.3.6164.21 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Java 8 Update 281 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Kaspersky Anti-Ransomware Tool for Home (HKLM-x32\...\{166AE239-F67B-45BA-A647-3B55A7EE5D1D}) (Version: 3.0.1.3039 - Kaspersky)
Kurumlar için Microsoft 365 Uygulamaları - tr-tr (HKLM\...\O365ProPlusRetail - tr-tr) (Version: 16.0.13127.21216 - Microsoft Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{51528A68-E842-4152-A171-0440D6EA2F9C}) (Version: 12.3.6164.21 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{D626A6AB-EAFE-4453-B169-3577AB35BBD5}) (Version: 12.3.6164.21 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{A9CAA60A-C8FC-479D-8582-DB15B4077BC1}) (Version: 12.3.6164.21 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FDB6D282-D17A-422C-9F11-1DB989E76D8A}) (Version: 12.3.6164.21 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (x64) (HKLM\...\{F5C7C3DE-6413-4BB8-A307-734CFC92DBDB}) (Version: 12.3.6164.21 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.3.6024.0 - Microsoft Corporation)
MPC-HC 1.9.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.10 - MPC-HC Team)
NVIDIA 3D Vision Sürücüsü 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Grafik Sürücüsü 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD Ses Sürücüsü 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041F-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Service Pack 3 for SQL Server 2014 (KB4022619) (64-bit) (HKLM\...\KB4022619) (Version: 12.3.6024.0 - Microsoft Corporation)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.3.6024.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1216 - SUPERAntiSpyware.com)
T.C. Sağlık Bakanlığı EBYS (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\a39925646430ae8d) (Version: 2021.2.19.1 - T.C. Sağlık Bakanlığı)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.4.0.2781 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
Windows Sürücü Paketi - Advanced Card Systems Ltd. Unified PC/SC Driver (05/16/2018 4.2.9.0) (HKLM\...\A4BD78957AF57FEF09DAFEA84F85DD17AD642B00) (Version: 05/16/2018 4.2.9.0 - Advanced Card Systems Ltd.)
WinRAR 6.00 (64 bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)
Zemana AntiMalware 3.2.27 sürümü (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
ZIJIANG Series Printer Driver version 11.3.0.1 (HKLM-x32\...\{5B643BF5-11A2-4A75-86D4-8F522DE92AA2}_is1) (Version: 11.3.0.1 - )

Packages:
=========
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt [2021-03-01] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-04] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-07] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{3879ce69-4f1c-48a0-abe8-83435f91e45f}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\Program Files\Emsisoft Anti-Malware\A2CONTMENU64.DLL [2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)
Shortcut: C:\Users\Public\Desktop\Akis Kart Izleme Araci.lnk -> C:\Program Files (x86)\AKIS\AKiA\runAkiA.bat ()
ShortcutWithArgument: C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Uygulamaları\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\tr_tr\AcroTray.tur
2021-03-07 14:15 - 2014-12-21 20:07 - 000119822 _____ () [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\libgcc_s_dw2-1.dll
2021-03-07 14:15 - 2014-12-21 20:07 - 001026062 _____ () [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\libstdc++-6.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\tr_tr\Acrobat Elements\ContextMenuShim64.tur
2021-03-07 14:15 - 2014-12-21 20:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\libwinpthread-1.dll
2021-03-04 05:19 - 2016-12-29 15:29 - 000860960 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-03-04 05:19 - 2016-12-29 15:29 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2021-03-07 14:15 - 2016-05-10 10:09 - 001745230 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\LIBEAY32.dll
2021-03-07 14:15 - 2016-05-10 10:09 - 000389041 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ssleay32.dll
2021-03-07 14:15 - 2016-03-03 19:10 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qdds.dll
2021-03-07 14:15 - 2016-03-03 15:41 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qgif.dll
2021-03-07 14:15 - 2016-03-03 19:10 - 000046592 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qicns.dll
2021-03-07 14:15 - 2016-03-03 15:41 - 000035328 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qico.dll
2021-03-07 14:15 - 2016-03-03 15:40 - 000251904 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qjpeg.dll
2021-03-07 14:15 - 2016-03-04 07:44 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qsvg.dll
2021-03-07 14:15 - 2016-03-03 19:10 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qtga.dll
2021-03-07 14:15 - 2016-03-03 19:11 - 000496640 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qtiff.dll
2021-03-07 14:15 - 2016-03-03 19:11 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qwbmp.dll
2021-03-07 14:15 - 2016-03-03 19:12 - 000366080 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\imageformats\qwebp.dll
2021-03-07 14:15 - 2016-03-03 15:43 - 001479168 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\platforms\qwindows.dll
2021-03-07 14:15 - 2016-08-05 12:08 - 005356032 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5Core.dll
2021-03-07 14:15 - 2016-03-03 16:28 - 005646336 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5Gui.dll
2021-03-07 14:15 - 2016-03-03 16:22 - 001608704 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5Network.dll
2021-03-07 14:15 - 2016-03-04 08:44 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5Svg.dll
2021-03-07 14:15 - 2016-03-04 08:55 - 000170496 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5WebSockets.dll
2021-03-07 14:15 - 2016-03-03 16:36 - 006494208 _____ (The Qt Company Ltd) [File not signed] C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\86763312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\86763312.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clocalename=tr-TR
SearchScopes: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\sharepoint.com -> hxxps://yuiek-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 10:31 - 2021-02-28 01:47 - 000001080 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 local.pwsigner.ark-teknoloji.com

2021-03-06 23:20 - 2021-03-06 23:20 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-LI7N8SG.mshome.net # 2026 3 4 5 20 20 29 186
192.168.137.49 LGwebOSTV.mshome.net # 2021 3 6 13 20 20 29 186

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\;C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fgurz\Desktop\155126308_2961447797410338_2106422371835323482_o.jpg
HKU\S-1-5-80-673104602-2485428189-2268277812-4126227293-4239528616\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 195.175.39.49 - 195.175.39.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\StartupApproved\Run: => "HizirMessenger"
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\StartupApproved\Run: => "AkisSIL.exe"
HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4E3F52FA-7004-47FB-B3DD-02E01409DA2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E6B181E3-7255-48BA-A597-AFAEE334EFC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E92D0555-9DE4-4CFC-A7FC-D8473A827636}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FD1712CD-820D-4E11-AC09-C7BA97BA3540}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{537CB7DF-537D-4427-8A56-4835EE02290F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEB6B00D-56EA-49E1-95E8-7C53B2C7120B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{444883E9-65FF-4E3D-833E-83030E012A21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{465C7310-7BC3-4593-B3E8-B724FA0FB0F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D670F565-A13D-4651-9635-6F27B1077E17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E90140B-CFCD-4C64-9222-AFF31AE7CAE6}] => (Allow) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerServiceConn.exe (Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.)
FirewallRules: [{173C93B6-A515-46C9-8DBC-1D7877D6F655}] => (Allow) C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\ArkSignerService.exe (Ark Danismanlik Bilisim Teknolojileri Mekanik Sanayi Ve Ticaret -> ArkSigner Software and Hardware Co.)
FirewallRules: [{9E508CA8-DB37-414C-93C2-180871FF7891}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5DE1308-DD7E-40E2-ACD3-30D5FDAACBE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B253E021-D62B-4582-B8CE-97A0E06DD54C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EB18EA14-E4DA-4BDD-833F-16D0E07B1F55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EB7A3C94-2960-40C6-8598-A1A676E36FBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28AEAE3B-4B47-4A69-B4CD-A077EDAF7DD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8965A294-4478-4354-AD81-3B40AF31E714}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73A6B2DF-12C9-4418-A20A-A8637631BDDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF002E91-D815-450B-AD1E-A6FA34D92A64}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37B1E6AF-0B3C-4F10-AE80-BC06C8B30C07}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90C87816-6359-45AC-9FF7-D6A7310726CD}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04B507EA-D897-48AA-8DD8-76252C7295AC}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D582C90-F23B-4944-BE18-AA2D09A22116}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

04-03-2021 07:39:33 Windows Modül Yükleyicisi
05-03-2021 09:20:42 Windows Modül Yükleyicisi
07-03-2021 00:09:16 Windows Modül Yükleyicisi
07-03-2021 22:40:00 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/07/2021 09:27:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: wmiprvse.exe, sürüm: 10.0.19041.546, zaman damgası: 0x5da7ab91
Hatalı modül adı: unknown, sürüm: 0.0.0.0, zaman damgası: 0x00000000
Özel durum kodu: 0x80131623
Hata uzaklığı 0x00007ff938f1200f
Hatalı işlem kimliği: 0xcb4
Uygulama başlangıç zamanı: 0x01d7137f94261290
Hatalı uygulama yolu: C:\WINDOWS\system32\wbem\wmiprvse.exe
Hatalı modül yolu: unknown
Rapor kimliği: 0ad7e069-0d72-4027-bb6c-9a8db7b771a4
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

Error: (03/07/2021 09:27:51 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Sağlayıcı beklenmeyen özel durum oluşturdu:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()

Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (03/07/2021 09:27:49 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (03/07/2021 09:27:49 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (03/07/2021 09:27:49 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (03/07/2021 09:02:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hatalı uygulama adı: wmiprvse.exe, sürüm: 10.0.19041.546, zaman damgası: 0x5da7ab91
Hatalı modül adı: unknown, sürüm: 0.0.0.0, zaman damgası: 0x00000000
Özel durum kodu: 0x80131623
Hata uzaklığı 0x00007ff938f1200f
Hatalı işlem kimliği: 0x27dc
Uygulama başlangıç zamanı: 0x01d7137c186242a5
Hatalı uygulama yolu: C:\WINDOWS\system32\wbem\wmiprvse.exe
Hatalı modül yolu: unknown
Rapor kimliği: 03d2df0d-2d71-4fe4-88ce-3c289bd80c47
Hatalı paket tam adı:
Hatalı paketle ilgili uygulama kimliği:

Error: (03/07/2021 09:02:55 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Sağlayıcı beklenmeyen özel durum oluşturdu:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()

Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (03/07/2021 09:02:53 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

System errors:
=============
Error: (03/08/2021 11:11:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 09:51:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 08:51:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 08:29:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: ZAM Controller Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu durum 1 defa oluştu.

Error: (03/08/2021 08:26:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 08:22:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 07:15:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Error: (03/08/2021 05:05:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LI7N8SG)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} sunucusu belirtilen zaman aşımı süresi içinde DCOM'a kayıt yaptıramadı.

Windows Defender:
================
Date: 2021-03-06 12:36:41
Description:
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {41C54DDE-198C-4564-B652-0F92B432E6A2}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-03-06 00:41:11
Description:
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {2261B934-8B2E-4100-A1FE-6AB0F64580A3}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-03-05 17:10:27
Description:
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {A7659BCE-6875-4C45-AAC4-E95CAECEB083}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-03-05 17:05:43
Description:
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {1F4FACC8-5847-4825-8CD2-242F6CB6F852}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

Date: 2021-03-05 16:48:35
Description:
Microsoft Defender Virüsten Koruma taraması tamamlanmadan durduruldu.
Tarama Kimliği: {B45DCC5F-8AB7-446D-8A06-CBBC62D3C7CD}
Tarama Türü: Kötü Amaçlı Yazılımdan Koruma
Tarama Parametreleri: Hızlı Tarama
Kullanıcı: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-09 00:12:48
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-09 00:12:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.

Date: 2021-03-09 00:12:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-09 00:12:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Acer V1.30 08/13/2012
Motherboard: Acer Aspire 5742G
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 81%
Total physical RAM: 3958.7 MB
Available physical RAM: 717.2 MB
Total Virtual: 6262.7 MB
Available Virtual: 1976.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:213.8 GB) (Free:99.91 GB) NTFS
Drive d: (Yeni Birim) (Fixed) (Total:232.28 GB) (Free:101.18 GB) NTFS

\

\Volume{e9e11d1f-0000-0000-0000-100000000000}\ (Sistem Ayrıldı) (Fixed) (Total:0.54 GB) (Free:0.

GB) NTFS
\\?\Volume{e9e11d1f-0000-0000-0000-b09535000000}\ () (Fixed) (Total:0.5 GB) (Free:0.

GB) NTFS

=

=====

=== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: E9E11D1F)
Partition 1: (Active) - (Size=549 MB) - (Type=

NTFS)
Partition 2: (Not Active) - (Size=213.8 GB) - (Type=

NTFS)
Partition 3: (Not Active) - (Size=517 MB) - (Type=

)
Partition 4: (Not Active) - (Size=232.3 GB) - (Type=

NTFS)

==================== End of Addition.txt =======================

Edited by Oh My!, 10 March 2021 - 10:22 AM.

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 10 March 2021 - 10:21 AM

Greetings adamim and :welcome:

to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:

First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
It is important to not run any tools or take any steps other than those I will provide for you.
Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
Please copy and paste all logs into your post unless otherwise requested.
When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Thank you for your patience thus far. Not really seeing much but I would like to see the contents of one folder and clean up some junk.

Please do this.

===================================================

Malwarebytes AdwCleaner

-------------------

Please download AdwCleaner and save it to your Desktop
Close all open programs and browsers
Click I agree
Click Scan now
Allow the program to remove what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
When completed click View Scan Log File
Copy and paste the contents in your reply

===================================================

Farbar Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------

Right click on the FRST icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST will do it for you

Start::
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)
Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)
SearchScopes: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = 
FF HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Firefox\Extensions: [arksignermozillafirefoxextension@ark-teknoloji.com] - C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\firefox\arksignermozillafirefoxextension@ark-teknoloji.com => not found
cmd: dir C:\WINDOWS\SysWOW64\%Report%
End::

Click Fix
When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

Adwcleaner log
Fixlog

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#3 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 10 March 2021 - 02:24 PM

# -------------------------------

# Malwarebytes AdwCleaner 8.1.0.0

# -------------------------------

# Build: 02-15-2021

# Database: 2021-03-09.1 (Cloud)

# Support: https://www.malwarebytes.com/support

# -------------------------------

# Mode: Scan

# -------------------------------

# Start: 03-10-2021

# Duration: 00:00:42

# OS: Windows 10 Pro

# Scanned: 3365

# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

AdwCleaner[S00].txt - [1549 octets] - [07/03/2021 22:35:56]

AdwCleaner[C00].txt - [1679 octets] - [07/03/2021 22:37:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

#4 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 10 March 2021 - 02:32 PM

Hi, Gary thank you for your help. Here is above Adwcleaner txt. But after i ran FRST program, my computer restarted and my desktop files were disappeared!! and computer screen display changed.So I got it back with system restore .İf it is necessary i can undo the restore process. Here is fixlog.txt.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021

Ran by fgurz (10-03-2021 21:15:04) Run:1

Running from C:\Users\fgurz\Desktop

Loaded Profiles: fgurz & MSSQL$HIZIR

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

CloseProcesses:

CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File

CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File

ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File

ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)

Shortcut: C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)

Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Doküman Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\DokumanEditor.bat (No File)

Shortcut: C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Şablon Editorü.lnk -> C:\Uyap\Uyap Kelime Islemci\SablonEditor.bat (No File)

SearchScopes: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL =

FF HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Firefox\Extensions: [arksignermozillafirefoxextension@ark-teknoloji.com] - C:\Users\fgurz\AppData\Local\Programs\Ark\ArkSigner\firefox\arksignermozillafirefoxextension@ark-teknoloji.com => not found

cmd: dir C:\WINDOWS\SysWOW64\%Report%

*****************

Restore point was successfully created.

Processes closed successfully.

HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully

HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully

"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully

C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Doküman Editorü.lnk => moved successfully

C:\Users\fgurz\Desktop\TÜM KISAYOLLAR\Uyap Şablon Editorü.lnk => moved successfully

C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Doküman Editorü.lnk => moved successfully

C:\Users\fgurz\Desktop\Desktop\MASAÜSTÜ 10 10 2018\MASAUSTU\Uyap Şablon Editorü.lnk => moved successfully

"HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully

"HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\Software\Mozilla\Firefox\Extensions\\arksignermozillafirefoxextension@ark-teknoloji.com" => removed successfully

========= dir C:\WINDOWS\SysWOW64\%Report% =========

Volume in drive C has no label.

Volume Serial Number is 3E9B-E796

Directory of C:\WINDOWS\SysWOW64\%Report%

08.03.2021 14:09 <DIR> .

08.03.2021 14:09 <DIR> ..

08.03.2021 14:09 <DIR> 00

08.03.2021 14:09 <DIR> 01

08.03.2021 14:09 <DIR> 02

08.03.2021 14:09 <DIR> 0C

08.03.2021 14:09 64 g_db_id.dat

08.03.2021 20:30 6.400 g_objbt.dat

08.03.2021 20:30 55.675 g_objdt.dat

08.03.2021 20:30 8.248 g_objid.dat

4 File(s) 70.387 bytes

6 Dir(s) 104.231.043.072 bytes free

========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog 21:15:51 ====

#5 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 10 March 2021 - 03:23 PM

That is quite odd. Nothing in our Fixlist should have caused that. Since there is really nothing of concern in your reports, including the contents of the folder I wanted to investigate, we should probably leave well enough alone.

Your computer is clean.

#6 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 10 March 2021 - 04:27 PM

then I put the computer into sleep mode.When I look at it again, the computer has started and the screen size has changed and when I restarted it, the image was improved.Thank you very much I I tried the system restore and the computer was back to its previous state .So Can I return the computer to the state after running the frst program?

then I put the computer into sleep mode.When I look at it again, the computer has started and the screen size has changed and when I restarted it, the image was improved

#7 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 10 March 2021 - 04:37 PM

You can run the Fixlist portion of Post #2 again.

#8 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 11 March 2021 - 01:32 AM

Must i copy paste the information to the search part of FRST program?

#9 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 11 March 2021 - 09:45 AM

No, once you highlight and copy the information as detailed FRST will automatically "paste" the information for you when you click Fix.

#10 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 14 March 2021 - 06:53 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.

Do you still need help with this?
If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

#11 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 14 March 2021 - 12:24 PM

Hi again, i did not run FRST fix because my files on the desktop were disappearred that i mentioned older reply. I scanned my computer with comodo disk rescue , adaware, regrun security suite standart and rkill and last FRST .So which log do you want?

#12 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,343 posts
ONLINE

Gender:Male
Location:California
Local time:05:59 PM

Posted 14 March 2021 - 04:01 PM

You can revert back to before running the initial Fixlist. Do that by using the FRST System Restore point dated 3-10

#13 adamim

Topic Starter

Members
24 posts
OFFLINE

Local time:04:59 AM

Posted 14 March 2021 - 04:15 PM

Here ise new FRST. log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021

Ran by fgurz (administrator) on DESKTOP-LI7N8SG (Acer Aspire 5742G) (14-03-2021 19:41:04)

Running from C:\Users\fgurz\Downloads

Loaded Profiles: fgurz & MSSQL$HIZIR

Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: Türkçe (Türkiye)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adaware Software (Lavasoft Software Canada Inc.) -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.10.129.0\AdAwareService.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe

(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <23>

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)

HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9331776 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)

HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.10.129.0\AdAwareTray.exe [4882168 2021-01-19] (Adaware Software (Lavasoft Software Canada Inc.) -> )

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]

HKLM-x32\...\Run: [RegRun WinBait] => C:\WINDOWS\winbait.exe [22880 2021-03-11] (Greatis Software LLC -> )

HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11221496 2021-03-11] (Support.com Inc -> SUPERAntiSpyware)

HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\Run: [HizirMessenger] => C:\HIZIRBILISIM\HizirMessenger\HizirMessenger.exe [31744 2021-03-09] () [File not signed]

HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65096 2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat DC\Esl\Aiod.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94568 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [85864 2017-01-19] (Zemana Ltd. -> Zemana Ltd.)

BootExecute: autocheck autochk * Partizan

GroupPolicy: Restriction - Chrome <==== ATTENTION

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {061357AC-9869-4C7A-94CC-7088C03F4C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-07] (Google LLC -> Google LLC)

Task: {1899A711-D2CE-497D-8754-50F45E4D48E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915216 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {23846FE6-3077-4A4B-8C2F-2A605A3A0C83} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118096 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {32EF8998-B0FB-4653-BAD4-161093285AAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915216 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {59FBF012-5F47-441C-BA5A-CD4334035BE2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {5C29E977-375D-4DFE-B2A4-3740EE5578E2} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [4875104 2021-03-10] (Greatis Software LLC -> Greatis Software)

Task: {6A647240-2410-40ED-BB8C-4A92CB3053E9} - System32\Tasks\RegRun WatchDog Schedule Task => C:\Program Files (x86)\Greatis\RegRunSuite\watchdog.exe [4717920 2021-03-11] (Greatis Software LLC -> Greatis Software)

Task: {6D8DB7AC-C292-4A3A-AFFD-DB7F3B416709} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

Task: {74207539-8494-4374-B615-076375A0ABF5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118096 2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

Task: {77559DD8-B443-46E9-A5FE-EC123D8040BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {A5ACEA01-6AB4-4EF7-9371-63AAF63089A9} - System32\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:42cc1745-7e35-48fb-8229-be2a7e66a69f

Task: {B8084363-7839-46A4-B36B-A889A09B58B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-07] (Google LLC -> Google LLC)

Task: {C425F456-9D5C-4B8C-811F-EB8A11089395} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

Task: {E7A92BCB-0206-4EC4-810F-601D5FD5A3B5} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9e2cb318-93cf-442a-a8b7-a263f3f59171 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:9e2cb318-93cf-442a-a8b7-a263f3f59171

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9e2cb318-93cf-442a-a8b7-a263f3f59171.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 local.pwsigner.ark-teknoloji.com

Tcpip\Parameters: [DhcpNameServer] 195.175.39.49 195.175.39.50

Tcpip\..\Interfaces\{027077c2-432f-4ae3-90d0-53e07675f850}: [DhcpNameServer] 195.175.39.49 195.175.39.50

Tcpip\..\Interfaces\{1ad5d6b6-7448-4ed1-902d-c85ce38d18d3}: [DhcpNameServer] 195.175.39.49 195.175.39.50

Edge:

=======

Edge DefaultProfile: Default

Edge Profile: C:\Users\fgurz\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-14]

FireFox:

========

FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi

FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-05-10]

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi

FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-28] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-28] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR Profile: C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default [2021-03-14]

CHR DownloadDir: C:\Users\fgurz\Desktop

CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png

CHR Session Restore: Default -> is enabled.

CHR Extension: (YouTube) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-03-07]

CHR Extension: (E-Reçete Barkod Yazdır) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coebkbkoamlngilohbmgnafolppgoanh [2021-03-07]

CHR Extension: (ZenMate Ücretsiz VPN - Free VPN Chrome) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2021-03-12]

CHR Extension: (Avast Online Security) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-07]

CHR Extension: (The Great Suspender) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignechgpokdmbnbfpnhnjmhgdnlcopna [2021-03-07]

CHR Extension: (Emsisoft Browser Security) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfofijpkapingknllefalncmbiienkab [2021-03-08]

CHR Extension: (RCTKiT - Karekodlu E-reçete Yazdır) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhelgilkmdppmjcfjfgbnpeigiamfdkf [2021-03-07]

CHR Extension: (Chrome Web Mağazası Ödemeleri) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]

CHR Extension: (Chrome Media Router) - C:\Users\fgurz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9809008 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)

R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.10.129.0\AdAwareService.exe [587104 2021-01-19] (Adaware Software (Lavasoft Software Canada Inc.) -> )

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-05] (Microsoft Windows -> Microsoft Corporation)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)

R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)

R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [13318648 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)

R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1445584 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-07] (Malwarebytes Inc -> Malwarebytes)

R2 MSSQL$HIZIR; C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\sqlservr.exe [365464 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)

S4 SQLAgent$HIZIR; C:\Program Files\Microsoft SQL Server\MSSQL12.HIZIR\MSSQL\Binn\SQLAGENT.EXE [606104 2020-11-01] (Microsoft Corporation -> Microsoft Corporation)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)

R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)

S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)

R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)

R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)

R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2021-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)

R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2021-03-07] (Emsisoft Ltd -> Emsisoft Ltd)

S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2021-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd)

R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2021-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)

R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-09-12] (Zemana Ltd. -> Zemana Ltd.)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-07] (Malwarebytes Inc -> Malwarebytes)

S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [611728 2020-08-06] (Bitdefender SRL -> Bitdefender)

S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)

R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2021-03-08] (Zemana Ltd. -> Zemana Ltd.)

R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2021-03-08] (Zemana Ltd. -> Zemana Ltd.)

U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-14 19:41 - 2021-03-14 19:42 - 000021663 _____ C:\Users\fgurz\Downloads\FRST.txt

2021-03-14 19:40 - 2021-03-14 19:40 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Skype

2021-03-14 19:38 - 2021-03-14 19:39 - 002300928 _____ (Farbar) C:\Users\fgurz\Downloads\FRST64.exe

2021-03-14 18:59 - 2021-03-14 19:05 - 000000250 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT

2021-03-14 18:38 - 2021-03-14 18:39 - 022089213 _____ C:\Users\fgurz\Desktop\bootracer_free.zip

2021-03-14 18:30 - 2021-03-14 19:09 - 000000000 ____D C:\Program Files (x86)\UnHackMe

2021-03-14 18:30 - 2021-03-14 18:30 - 000003420 _____ C:\WINDOWS\system32\Tasks\UnHackMe Task Scheduler

2021-03-14 18:30 - 2021-03-14 18:30 - 000001080 _____ C:\Users\fgurz\Desktop\UnHackMe.lnk

2021-03-14 18:30 - 2021-03-14 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe

2021-03-14 18:30 - 2021-03-10 13:04 - 000015440 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys

2021-03-14 18:30 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe

2021-03-14 14:56 - 2021-03-14 16:05 - 000000000 ____D C:\@RestoreQuarantine

2021-03-14 13:57 - 2021-03-14 19:07 - 000000002 RSHOT C:\WINDOWS\winstart.bat

2021-03-14 13:57 - 2021-03-14 19:07 - 000000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT

2021-03-14 13:57 - 2021-03-14 19:07 - 000000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT

2021-03-14 13:57 - 2021-03-14 13:57 - 000000000 ___HD C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items

2021-03-14 13:57 - 2021-03-14 13:57 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items

2021-03-14 13:56 - 2021-03-14 19:08 - 000000000 ____D C:\Users\fgurz\Documents\RegRun2

2021-03-14 13:56 - 2021-03-14 19:07 - 000003456 _____ C:\WINDOWS\system32\Tasks\RegRun WatchDog Schedule Task

2021-03-14 13:56 - 2021-03-14 18:28 - 000000000 ____D C:\Program Files (x86)\Greatis

2021-03-14 13:56 - 2021-03-14 13:56 - 000001247 _____ C:\Users\fgurz\Desktop\RegRun Control Center.lnk

2021-03-14 13:56 - 2021-03-14 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegRun Security Suite

2021-03-14 13:56 - 2021-03-11 12:12 - 001387872 _____ (Greatis Software) C:\WINDOWS\RunGuard.exe

2021-03-14 13:56 - 2021-03-11 12:12 - 000022880 _____ C:\WINDOWS\WinBait.org

2021-03-14 13:56 - 2021-03-11 12:12 - 000022880 _____ C:\WINDOWS\WinBait.exe

2021-03-14 13:56 - 2003-09-06 15:55 - 000057556 _____ C:\WINDOWS\guard.bmp

2021-03-14 11:54 - 2021-03-14 13:15 - 000000000 ____D C:\ProgramData\TEMP

2021-03-14 11:54 - 2019-10-19 11:13 - 001070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX

2021-03-14 04:42 - 2021-03-14 05:03 - 000000000 ____D C:\cce_linux

2021-03-13 23:31 - 2021-03-13 23:31 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\adaware

2021-03-13 23:31 - 2021-03-13 23:31 - 000000000 ____D C:\Users\fgurz\AppData\Local\AdAwareDesktop

2021-03-13 23:26 - 2021-03-13 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware

2021-03-13 23:24 - 2021-03-13 23:24 - 000000000 ____D C:\Program Files\adaware

2021-03-13 23:22 - 2021-03-13 23:22 - 000000000 ____D C:\ProgramData\adaware

2021-03-13 23:01 - 2021-03-13 23:01 - 000000000 ____D C:\ProgramData\Avast Software

2021-03-13 22:47 - 2021-03-13 22:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2021-03-13 22:47 - 2021-03-13 22:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2021-03-13 22:47 - 2021-03-13 22:47 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2021-03-13 22:46 - 2021-03-13 22:46 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2021-03-13 22:46 - 2021-03-13 22:46 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll

2021-03-13 22:46 - 2021-03-13 22:46 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll

2021-03-12 22:35 - 2021-03-12 22:35 - 000000000 ____D C:\ProgramData\Package Cache

2021-03-12 17:10 - 2021-03-12 17:11 - 040499088 _____ (SecureMix LLC) C:\Users\fgurz\Desktop\glasswire-setup-2.1.3167.exe

2021-03-11 15:09 - 2021-03-14 00:26 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9e2cb318-93cf-442a-a8b7-a263f3f59171.job

2021-03-11 15:09 - 2021-03-11 15:09 - 000003786 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 9e2cb318-93cf-442a-a8b7-a263f3f59171

2021-03-11 09:36 - 2021-03-13 11:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Heimdal Security

2021-03-11 09:34 - 2021-03-13 11:16 - 000000000 ____D C:\ProgramData\Heimdal Security

2021-03-10 22:18 - 2021-03-14 19:43 - 000591209 _____ C:\WINDOWS\ZAM.krnl.trace

2021-03-10 22:18 - 2021-03-14 19:43 - 000076015 _____ C:\WINDOWS\ZAM_Guard.krnl.trace

2021-03-10 21:16 - 2021-03-10 21:46 - 000000000 ____D C:\Users\TEMP

2021-03-10 11:13 - 2021-03-10 11:13 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Zoom

2021-03-10 11:13 - 2021-03-10 11:13 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

2021-03-09 15:49 - 2021-03-09 15:49 - 000000000 ____D C:\Users\fgurz\Documents\Özel Office Şablonları

2021-03-09 00:12 - 2021-03-14 19:41 - 000000000 ____D C:\FRST

2021-03-08 20:30 - 2021-03-08 20:30 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper

2021-03-08 20:30 - 2021-03-08 20:30 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC

2021-03-08 20:30 - 2021-03-08 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware

2021-03-08 20:30 - 2021-03-08 20:30 - 000000000 ____D C:\Program Files (x86)\Zemana

2021-03-08 20:29 - 2021-03-14 00:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\AMSDK

2021-03-08 20:21 - 2021-03-08 20:28 - 000314508 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_20.21.47_log.txt

2021-03-08 20:20 - 2021-03-08 20:20 - 000005770 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_20.20.15_log.txt

2021-03-08 14:09 - 2021-03-10 22:05 - 000000000 ____D C:\WINDOWS\SysWOW64\%Report%

2021-03-08 14:02 - 2021-03-08 15:24 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Installer for Kaspersky Anti-Ransomware Tool for Business

2021-03-08 14:02 - 2021-03-08 14:02 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Kaspersky Anti-Ransomware Tool for Business

2021-03-08 11:38 - 2021-03-08 11:38 - 000000000 ____D C:\KVRT2020_Data

2021-03-08 11:23 - 2021-03-08 11:23 - 000000000 ____D C:\Program Files\HitmanPro

2021-03-08 11:20 - 2021-03-08 11:33 - 000000000 ____D C:\ProgramData\HitmanPro

2021-03-08 11:00 - 2021-03-08 11:19 - 000006342 _____ C:\TDSSKiller.3.1.0.28_08.03.2021_11.00.46_log.txt

2021-03-08 10:48 - 2021-03-08 10:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys

2021-03-08 10:48 - 2021-03-08 10:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys

2021-03-08 10:47 - 2021-03-08 20:30 - 000000000 ____D C:\Users\fgurz\AppData\Local\Zemana

2021-03-08 10:47 - 2021-03-08 10:48 - 000000000 ____D C:\Program Files (x86)\Zemana AntiLogger

2021-03-08 10:47 - 2021-03-08 10:47 - 000001226 _____ C:\ProgramData\Desktop\Zemana AntiLogger.lnk

2021-03-08 10:47 - 2021-03-08 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger

2021-03-08 10:47 - 2021-03-08 10:47 - 000000000 ____D C:\Program Files (x86)\KeyCryptSDK

2021-03-08 10:47 - 2017-09-12 16:53 - 000161408 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys

2021-03-08 10:10 - 2021-03-08 10:10 - 000000000 ____D C:\Users\fgurz\Doctor Web

2021-03-08 10:10 - 2021-03-08 10:10 - 000000000 ____D C:\ProgramData\Doctor Web

2021-03-08 05:25 - 2021-03-08 00:44 - 000001110 _____ C:\Users\fgurz\Desktop\Emsisoft Anti-Malware.lnk

2021-03-08 05:21 - 2021-03-08 09:10 - 000000000 ____D C:\ProgramData\Emsisoft

2021-03-08 00:44 - 2021-03-14 19:43 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware

2021-03-08 00:44 - 2021-03-08 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

2021-03-08 00:44 - 2021-03-07 20:02 - 000037776 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\eppdisk.sys

2021-03-08 00:44 - 2021-03-07 20:02 - 000016808 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\EppElam.sys

2021-03-08 00:29 - 2021-03-14 19:36 - 000000000 ____D C:\Users\fgurz\Desktop\Yeni klasör

2021-03-07 23:04 - 2021-03-14 00:25 - 000000000 ____D C:\Program Files\SUPERAntiSpyware

2021-03-07 23:04 - 2021-03-08 20:21 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f.job

2021-03-07 23:04 - 2021-03-07 23:04 - 000003704 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task 42cc1745-7e35-48fb-8229-be2a7e66a69f

2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\SUPERAntiSpyware.com

2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com

2021-03-07 23:04 - 2021-03-07 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2021-03-07 22:35 - 2021-03-07 22:37 - 000000000 ____D C:\AdwCleaner

2021-03-07 20:41 - 2021-03-07 20:41 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2021-03-07 20:41 - 2021-03-07 20:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

2021-03-07 20:41 - 2021-03-07 20:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys

2021-03-07 20:41 - 2021-03-07 20:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

2021-03-07 20:41 - 2021-03-07 20:41 - 000000000 ____D C:\Users\fgurz\AppData\Local\mbam

2021-03-07 20:41 - 2021-03-07 20:41 - 000000000 ____D C:\ProgramData\Malwarebytes

2021-03-07 20:38 - 2021-03-07 20:38 - 000000000 ____D C:\Program Files\Malwarebytes

2021-03-07 20:15 - 2021-03-07 20:15 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\MP4 to MP3 Converter

2021-03-07 20:14 - 2021-03-07 20:14 - 000000000 ____D C:\Users\fgurz\AppData\Local\ESET

2021-03-07 19:38 - 2021-03-07 19:38 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Uygulamaları

2021-03-07 14:49 - 2021-03-07 14:49 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2021-03-07 14:49 - 2021-03-07 14:49 - 000002278 _____ C:\ProgramData\Desktop\Google Chrome.lnk

2021-03-07 14:49 - 2021-03-07 14:49 - 000000000 ____D C:\Program Files\Google

2021-03-07 14:48 - 2021-03-07 14:48 - 000003540 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

2021-03-07 14:48 - 2021-03-07 14:48 - 000003416 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

2021-03-07 14:15 - 2021-03-07 14:16 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArkSigner

2021-03-07 14:13 - 2021-03-07 14:13 - 000000000 ____D C:\Program Files (x86)\Ark

2021-03-06 23:20 - 2021-03-06 23:20 - 000000506 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\ProgramData\ESET

2021-03-06 23:04 - 2021-03-06 23:04 - 000000000 ____D C:\Program Files\ESET

2021-03-05 13:18 - 2021-03-05 13:18 - 003168869 _____ C:\Users\fgurz\Desktop\WHO STRESLI ZAMANLARDA NE YAPMALI7.pdf

2021-03-05 13:16 - 2021-03-14 01:36 - 000000129 _____ C:\Users\fgurz\Downloads\rufus.ini

2021-03-05 10:55 - 2021-03-09 15:42 - 000000000 ____D C:\Users\fgurz\AppData\Local\Deployment

2021-03-05 09:34 - 2021-03-05 09:34 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2021-03-05 09:34 - 2021-03-05 09:34 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll

2021-03-05 09:33 - 2021-03-05 09:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2021-03-05 09:33 - 2021-03-05 09:33 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2021-03-05 09:33 - 2021-03-05 09:33 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

2021-03-05 09:33 - 2021-03-05 09:33 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

2021-03-04 20:52 - 2021-03-04 20:52 - 000000052 _____ C:\Users\fgurz\AppData\Local\xx.ini

2021-03-04 20:52 - 2021-03-04 20:52 - 000000000 ____D C:\Users\fgurz\AppData\Local\Alpemix

2021-03-04 05:32 - 2021-03-04 05:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2021-03-04 05:30 - 2021-03-04 05:30 - 000000020 ___SH C:\Users\fgurz\ntuser.ini

2021-03-04 05:29 - 2021-03-14 19:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2021-03-04 05:29 - 2021-03-14 17:34 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ED633777-C722-4D5B-9A44-3E8AAC6C4196}

2021-03-04 05:29 - 2021-03-04 05:30 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2021-03-04 05:29 - 2021-03-04 05:29 - 000011433 _____ C:\WINDOWS\diagwrn.xml

2021-03-04 05:29 - 2021-03-04 05:29 - 000011433 _____ C:\WINDOWS\diagerr.xml

2021-03-04 05:29 - 2021-03-04 05:29 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2021-03-04 05:27 - 2021-03-14 19:13 - 001825484 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2021-03-04 05:20 - 2021-03-14 19:08 - 000000000 ____D C:\Users\fgurz

2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Videolarım

2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Resimlerim

2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Documents\Müziğim

2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\Belgelerim

2021-03-04 05:20 - 2021-03-04 05:20 - 000000000 _SHDL C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar

2021-03-04 05:20 - 2019-12-07 12:10 - 000001105 _____ C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2021-03-04 05:19 - 2016-12-29 15:28 - 000133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2021-03-04 05:18 - 2021-03-04 05:18 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2021-03-04 05:18 - 2017-01-17 05:57 - 000222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2021-03-04 05:18 - 2016-09-09 21:25 - 000269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2021-03-04 05:18 - 2016-09-09 21:25 - 000261920 _____ C:\WINDOWS\system32\vulkan-1.dll

2021-03-04 05:18 - 2016-09-09 21:25 - 000110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2021-03-04 05:18 - 2016-09-09 21:24 - 000125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

2021-03-04 05:17 - 2021-03-14 15:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2021-03-04 05:17 - 2021-03-14 00:27 - 000450472 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2021-03-04 05:16 - 2021-03-14 19:05 - 000008192 ___SH C:\DumpStack.log.tmp

2021-03-04 05:16 - 2021-03-04 05:30 - 000000000 ____D C:\Windows.old

2021-03-04 05:11 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2021-03-04 05:09 - 2021-03-04 05:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2021-03-04 05:09 - 2021-03-04 05:09 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2021-03-04 05:07 - 2021-03-04 05:07 - 000000000 ____D C:\ProgramData\ssh

2021-03-04 05:02 - 2021-03-04 05:02 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr

2021-03-04 05:02 - 2021-03-04 05:02 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr

2021-03-04 05:02 - 2021-03-04 05:02 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll

2021-03-04 05:02 - 2021-03-04 05:02 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll

2021-03-04 05:02 - 2021-03-04 05:02 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe

2021-03-04 05:02 - 2021-03-04 05:02 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll

2021-03-04 05:02 - 2021-03-04 05:02 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx

2021-03-04 05:01 - 2021-03-04 05:01 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx

2021-03-04 05:01 - 2021-03-04 05:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax

2021-03-04 05:01 - 2021-03-04 05:01 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb

2021-03-04 05:01 - 2021-03-04 05:01 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2021-03-04 05:01 - 2021-03-04 05:01 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2021-03-04 05:01 - 2021-03-04 05:01 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl

2021-03-04 05:01 - 2021-03-04 05:01 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll

2021-03-04 05:01 - 2021-03-04 05:01 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl

2021-03-04 05:00 - 2021-03-04 05:00 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2021-03-04 05:00 - 2021-03-04 05:00 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2021-03-04 05:00 - 2021-03-04 05:00 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl

2021-03-04 05:00 - 2021-03-04 05:00 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl

2021-03-04 05:00 - 2021-03-04 05:00 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe

2021-03-04 05:00 - 2021-03-04 05:00 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb

2021-03-04 05:00 - 2021-03-04 05:00 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl

2021-03-04 05:00 - 2021-03-04 05:00 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe

2021-03-04 05:00 - 2021-03-04 05:00 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll

2021-03-04 05:00 - 2021-03-04 05:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv

2021-03-04 05:00 - 2021-03-04 05:00 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe

2021-03-04 05:00 - 2021-03-04 05:00 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt

2021-03-04 04:59 - 2021-03-04 04:59 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin

2021-03-04 04:59 - 2021-03-04 04:59 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2021-03-04 04:59 - 2021-03-04 04:59 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl

2021-03-04 04:59 - 2021-03-04 04:59 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

2021-03-04 04:59 - 2021-03-04 04:59 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv

2021-03-04 04:59 - 2021-03-04 04:59 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll

2021-03-04 04:59 - 2021-03-04 04:59 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files\Reference Assemblies

2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files\MSBuild

2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2021-03-04 04:49 - 2021-03-04 04:49 - 000000000 ____D C:\Program Files (x86)\MSBuild

2021-03-03 23:12 - 2021-03-04 05:30 - 000000000 ___DC C:\WINDOWS\Panther

2021-03-03 22:42 - 2021-03-03 22:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services

2021-03-03 21:54 - 2021-03-03 21:54 - 000000000 ____D C:\Users\Default\Documents\Visual Studio 2010

2021-03-03 21:11 - 2021-03-03 21:11 - 000000000 ___HD C:\$Windows.~WS

2021-03-03 19:35 - 2021-03-03 19:27 - 001755016 _____ (Teknopars Bilisim) C:\Users\fgurz\Desktop\hizirbilisimCMX.exe

2021-03-03 16:25 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64

2021-03-03 16:25 - 2021-03-03 16:25 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\MPC-HC

2021-03-03 16:25 - 2021-03-03 16:25 - 000000000 ____D C:\Program Files\MPC-HC

2021-03-02 21:36 - 2021-03-02 21:36 - 000000000 ____D C:\Users\fgurz\AppData\Local\IsolatedStorage

2021-03-02 21:34 - 2021-03-02 21:34 - 000000000 ___HD C:\$WinREAgent

2021-03-02 21:30 - 2021-03-09 15:42 - 000000000 ____D C:\Users\fgurz\.sertifikadeposu

2021-03-02 21:30 - 2021-03-09 15:42 - 000000000 ____D C:\AkisLog

2021-03-02 17:13 - 2021-03-02 17:13 - 000000190 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

2021-03-02 17:02 - 2021-03-04 05:20 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T.C. Sağlık Bakanlığı

2021-03-02 15:33 - 2021-03-02 15:33 - 000000000 ___RD C:\Users\fgurz\AppData\Roaming\Brother

2021-03-02 15:33 - 2021-03-02 15:33 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Brother

2021-03-02 13:56 - 2021-03-06 15:53 - 000059392 _____ C:\Users\fgurz\Desktop\COVID AŞI 65 YAS USTU.xls

2021-03-01 15:53 - 2021-03-01 15:53 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\ControlCenter4

2021-03-01 15:52 - 2021-03-12 08:43 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2021-03-01 10:29 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother

2021-03-01 10:29 - 2021-03-01 10:29 - 000002132 _____ C:\ProgramData\Desktop\Brother Utilities.lnk

2021-03-01 10:29 - 2021-03-01 10:29 - 000000093 _____ C:\WINDOWS\brpcfx.ini

2021-03-01 10:29 - 2021-03-01 10:29 - 000000024 _____ C:\WINDOWS\Brpfx04a.ini

2021-03-01 10:28 - 2021-03-07 09:39 - 000000000 ____D C:\Brother

2021-03-01 10:28 - 2021-03-01 10:29 - 000000066 _____ C:\WINDOWS\Brfaxrx.ini

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\ProgramData\PCFaxTx

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\ProgramData\ControlCenter4

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\ControlCenter4

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\Browny02

2021-03-01 10:28 - 2021-03-01 10:28 - 000000000 ____D C:\Program Files (x86)\Brother

2021-03-01 10:28 - 2014-11-26 10:10 - 000180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL

2021-03-01 10:28 - 2014-11-26 10:10 - 000077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL

2021-03-01 10:28 - 2014-11-26 10:10 - 000045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL

2021-03-01 10:28 - 2014-11-26 10:10 - 000025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL

2021-03-01 10:28 - 2014-11-26 10:10 - 000000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI

2021-03-01 10:28 - 2014-11-26 10:09 - 000000050 _____ C:\WINDOWS\system32\BRADM13A.DAT

2021-03-01 10:28 - 2014-11-25 19:08 - 000227840 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOM13A.DLL

2021-03-01 10:28 - 2013-07-12 14:03 - 000214016 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll

2021-03-01 10:28 - 2013-03-12 15:50 - 001442304 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi213b.dll

2021-03-01 10:28 - 2013-03-08 09:45 - 000054272 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi13b.dll

2021-03-01 10:28 - 2012-12-12 11:37 - 000318464 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll

2021-03-01 10:28 - 2012-12-03 13:39 - 000002560 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll

2021-03-01 10:28 - 2012-07-06 13:56 - 000012800 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\BrCiImg.dll

2021-03-01 10:28 - 2011-09-08 12:36 - 000279040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll

2021-03-01 10:28 - 2010-03-15 19:45 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll

2021-03-01 10:28 - 2008-10-16 14:12 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll

2021-03-01 10:10 - 2021-03-01 10:10 - 000000000 ____D C:\ZIJIANG Printer Driver V11.3.0.1

2021-03-01 10:07 - 2021-03-01 10:07 - 001174979 _____ C:\WINDOWS\unins000.exe

2021-03-01 10:07 - 2021-03-01 10:07 - 000008829 _____ C:\WINDOWS\unins000.dat

2021-03-01 09:59 - 2021-03-14 00:46 - 000000000 ____D C:\Users\fgurz\AppData\Local\ElevatedDiagnostics

2021-03-01 09:39 - 2021-03-01 10:29 - 000000000 ____D C:\ProgramData\Brother

2021-02-28 23:59 - 2021-03-14 18:40 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\WhatsApp

2021-02-28 23:59 - 2021-03-04 05:20 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp

2021-02-28 23:58 - 2021-03-12 09:58 - 000000000 ____D C:\Users\fgurz\AppData\Local\WhatsApp

2021-02-28 22:53 - 2021-02-28 22:55 - 000000000 ____D C:\Users\fgurz\Desktop\SAĞLIK OKUYAZARLIK VE DİJİTALLEŞME

2021-02-28 22:47 - 2021-02-28 22:47 - 000001326 _____ C:\Users\fgurz\Desktop\İNCELENECEK YAZILAR - Kısayol.lnk

2021-02-28 22:35 - 2021-02-28 22:35 - 000000761 _____ C:\Users\fgurz\Desktop\CORONAVİRÜS - Kısayol.lnk

2021-02-28 22:30 - 2021-02-28 22:30 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\WinRAR

2021-02-28 22:27 - 2021-03-14 13:18 - 000000000 ____D C:\Users\fgurz\Desktop\REÇETE ve ÖNERİLER

2021-02-28 22:21 - 2021-02-28 22:21 - 000001664 _____ C:\Users\fgurz\Desktop\TeamViewer.lnk

2021-02-28 22:19 - 2021-02-28 22:19 - 000001538 _____ C:\Users\fgurz\Desktop\IPE - Kısayol.lnk

2021-02-28 22:04 - 2021-02-28 22:26 - 000000000 ____D C:\Users\fgurz\Desktop\AŞI

2021-02-28 21:37 - 2021-03-14 12:55 - 000000972 __RSH C:\ProgramData\ntuser.pol

2021-02-28 19:06 - 2021-02-28 19:06 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2021-02-28 19:05 - 2021-02-28 19:05 - 000000000 ____D C:\Program Files\Java

2021-02-28 13:58 - 2021-03-02 21:30 - 000000000 ____D C:\Program Files (x86)\AKIS

2021-02-28 13:48 - 2021-03-04 05:22 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hızır Bilişim

2021-02-28 13:48 - 2021-02-28 13:48 - 000001517 _____ C:\Users\fgurz\Desktop\HIZIR.lnk

2021-02-28 13:48 - 2021-02-28 13:48 - 000000000 ____D C:\Users\fgurz\AppData\Local\Microsoft_Corporation

2021-02-28 13:46 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\appmgmt

2021-02-28 13:46 - 2021-02-28 13:49 - 000000000 ____D C:\Users\fgurz\Documents\SQL Server Management Studio

2021-02-28 13:46 - 2021-02-28 13:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0

2021-02-28 13:44 - 2021-02-28 13:44 - 000000000 ____D C:\WINDOWS\system32\RsFx

2021-02-28 13:43 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014

2021-02-28 13:43 - 2021-03-04 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008

2021-02-28 13:42 - 2021-02-28 13:42 - 000000000 ____D C:\Users\fgurz\Documents\Visual Studio 2010

2021-02-28 13:41 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\SysWOW64\1033

2021-02-28 13:41 - 2021-02-28 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0

2021-02-28 13:40 - 2021-03-04 05:16 - 000000000 ____D C:\WINDOWS\system32\1033

2021-02-28 13:40 - 2021-03-03 22:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server

2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\WINDOWS\symbols

2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 10.0

2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files\Microsoft Help Viewer

2021-02-28 13:40 - 2021-02-28 13:40 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs

2021-02-28 13:28 - 2021-03-03 22:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server

2021-02-28 13:23 - 2021-03-12 08:43 - 000000000 ____D C:\HIZIRBILISIM

2021-02-28 13:19 - 2021-02-28 22:21 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\TeamViewer

2021-02-28 13:19 - 2021-02-28 13:22 - 000000000 ____D C:\Users\fgurz\AppData\Local\TeamViewer

2021-02-28 13:19 - 2020-10-08 09:56 - 019407200 _____ (TeamViewer) C:\Users\fgurz\Desktop\UzakYardim.exe

2021-02-28 13:18 - 2021-02-28 13:18 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Teams

2021-02-28 13:17 - 2021-03-12 09:56 - 000000000 ____D C:\Users\fgurz\AppData\Local\SquirrelTemp

2021-02-28 04:30 - 2021-03-04 05:16 - 000000000 ____D C:\Program Files\UNP

2021-02-28 02:44 - 2021-03-03 22:26 - 000000000 ____D C:\ESD

2021-02-28 02:44 - 2021-02-28 02:44 - 000000000 ____D C:\Program Files (x86)\Teams Installer

2021-02-28 02:43 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

2021-02-28 02:43 - 2021-02-28 02:43 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk

2021-02-28 02:43 - 2021-02-28 02:43 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk

2021-02-28 02:29 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Adobe

2021-02-28 02:29 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\CEF

2021-02-28 02:20 - 2021-02-28 13:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

2021-02-28 02:19 - 2021-02-28 02:19 - 000000000 ____D C:\Program Files\Microsoft Office 15

2021-02-28 02:04 - 2021-02-28 02:29 - 000000000 ____D C:\Users\fgurz\AppData\Local\Adobe

2021-02-28 02:04 - 2021-02-28 02:04 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk

2021-02-28 02:04 - 2021-02-28 02:04 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk

2021-02-28 02:04 - 2021-02-28 02:04 - 000000040 ____H C:\F07E3F681666

2021-02-28 02:03 - 2021-02-28 02:04 - 000000000 ____D C:\ProgramData\Adobe

2021-02-28 02:03 - 2021-02-28 02:03 - 000000000 ____D C:\Program Files (x86)\Adobe

2021-02-28 02:01 - 2021-03-04 05:22 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2021-02-28 02:01 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2021-02-28 02:01 - 2021-03-01 10:03 - 000000000 ____D C:\Program Files\WinRAR

2021-02-28 01:53 - 2021-02-28 13:58 - 000000000 ____D C:\Users\fgurz\AppData\Local\Apps\2.0

2021-02-28 01:51 - 2021-02-28 01:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2021-02-28 01:48 - 2021-02-28 01:48 - 000000000 ____D C:\Program Files\DIFX

2021-02-28 01:48 - 2021-02-28 01:48 - 000000000 ____D C:\Program Files\Advanced Card Systems Ltd

2021-02-28 01:47 - 2021-02-28 01:47 - 000000000 ____D C:\Users\fgurz\AppData\Local\PeerDistRepub

2021-02-28 01:46 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKIS

2021-02-28 01:46 - 2021-03-02 21:30 - 000002078 _____ C:\ProgramData\Desktop\Akis Kart Izleme Araci.lnk

2021-02-28 01:46 - 2021-02-28 01:46 - 000000000 ____D C:\Program Files\AKIS

2021-02-28 01:38 - 2021-03-04 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2021-02-28 01:38 - 2021-02-28 01:38 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Sun

2021-02-28 01:38 - 2021-02-28 01:38 - 000000000 ____D C:\Users\fgurz\AppData\LocalLow\Sun

2021-02-28 01:38 - 2021-02-28 01:37 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2021-02-28 01:37 - 2021-02-28 01:37 - 000000000 ____D C:\ProgramData\Oracle

2021-02-28 01:37 - 2021-02-28 01:37 - 000000000 ____D C:\Program Files (x86)\Java

2021-02-28 01:32 - 2021-03-07 14:49 - 000000000 ____D C:\Users\fgurz\AppData\Local\Google

2021-02-28 01:32 - 2021-03-07 14:48 - 000000000 ____D C:\Program Files (x86)\Google

2021-02-28 01:26 - 2021-02-28 01:26 - 000000000 ____D C:\Users\fgurz\AppData\Local\OneDrive

2021-02-28 01:25 - 2021-02-28 01:25 - 000000000 ____D C:\Users\fgurz\AppData\Local\D3DSCache

2021-02-28 01:15 - 2021-03-04 08:28 - 000000000 ____D C:\Users\fgurz\AppData\Local\PackageStaging

2021-02-27 23:47 - 2021-03-04 07:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2021-02-27 23:40 - 2021-03-11 00:09 - 000000000 ____D C:\WINDOWS\system32\MRT

2021-02-27 22:16 - 2021-03-14 19:05 - 000000000 ____D C:\ProgramData\NVIDIA

2021-02-27 22:16 - 2021-02-27 22:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2021-02-27 22:16 - 2016-12-29 16:16 - 006384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 002475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 000546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 000392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 000083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2021-02-27 22:16 - 2016-12-29 16:16 - 000069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2021-02-27 22:16 - 2016-12-29 16:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2021-02-27 22:16 - 2016-12-22 02:59 - 007651057 _____ C:\WINDOWS\system32\nvcoproc.bin

2021-02-27 22:15 - 2021-03-03 16:26 - 000000000 ____D C:\Users\fgurz\AppData\Local\PlaceholderTileLogoFolder

2021-02-27 22:14 - 2021-03-04 05:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2021-02-27 22:14 - 2021-02-27 22:14 - 000000000 ___HD C:\Users\fgurz\MicrosoftEdgeBackups

2021-02-27 21:56 - 2021-03-04 05:47 - 000000000 ____D C:\ProgramData\Packages

2021-02-27 21:56 - 2021-02-28 02:24 - 000000000 ____D C:\Users\fgurz\AppData\Local\Comms

2021-02-27 21:46 - 2021-03-04 05:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2021-02-27 21:43 - 2021-02-27 21:43 - 000000000 ___HD C:\OneDriveTemp

2021-02-27 21:42 - 2021-02-28 13:18 - 000000000 ___RD C:\Users\fgurz\OneDrive

2021-02-27 21:40 - 2021-02-28 01:31 - 000000000 ____D C:\Users\fgurz\AppData\Local\MicrosoftEdge

2021-02-27 21:39 - 2021-03-09 17:22 - 000000000 ____D C:\Users\fgurz\AppData\Local\Packages

2021-02-27 21:39 - 2021-03-04 05:30 - 000000000 ___RD C:\Users\fgurz\3D Objects

2021-02-27 21:39 - 2021-02-28 22:43 - 000000000 ____D C:\Users\fgurz\AppData\Local\ConnectedDevicesPlatform

2021-02-27 21:39 - 2021-02-28 02:30 - 000000000 ____D C:\Users\fgurz\AppData\Roaming\Adobe

2021-02-27 21:39 - 2021-02-28 02:11 - 000000000 ____D C:\Users\fgurz\AppData\Local\VirtualStore

2021-02-27 21:39 - 2021-02-27 21:39 - 000000000 ____D C:\Users\fgurz\AppData\Local\Publishers

2021-02-27 21:30 - 2021-02-27 21:30 - 000000000 ____D C:\WINDOWS\CSC

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Videolarım

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Resimlerim

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Documents\Müziğim

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\Belgelerim

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programlar

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programlar

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\ProgramData\Belgeler

2021-02-27 21:28 - 2021-02-27 21:28 - 000000000 _SHDL C:\Documents and Settings

2021-02-27 21:26 - 2021-03-06 11:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2021-02-15 16:10 - 2021-02-28 23:59 - 000002203 _____ C:\Users\fgurz\Desktop\WhatsApp.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-14 19:45 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2021-03-14 19:13 - 2019-12-07 17:43 - 000705416 _____ C:\WINDOWS\system32\perfh01F.dat

2021-03-14 19:13 - 2019-12-07 17:43 - 000144566 _____ C:\WINDOWS\system32\perfc01F.dat

2021-03-14 19:13 - 2019-12-07 12:13 - 000000000 ____D C:\WINDOWS\INF

2021-03-14 19:08 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ServiceState

2021-03-14 19:04 - 2019-12-07 12:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2021-03-14 00:56 - 2019-12-07 12:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2021-03-14 00:26 - 2019-12-07 17:45 - 000000000 ___SD C:\WINDOWS\system32\AppV

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SystemResources

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\setup

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2021-03-14 00:26 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2021-03-13 23:44 - 2019-12-07 12:14 - 000000000 ___HD C:\Program Files\WindowsApps

2021-03-13 23:44 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2021-03-10 22:16 - 2019-12-07 17:44 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync

2021-03-10 22:16 - 2019-12-07 17:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH

2021-03-10 22:16 - 2019-12-07 17:44 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 __RSD C:\WINDOWS\Media

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\Nui

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\F12

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\PrintDialog

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\ras

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\migwiz

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Keywords

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\icsxml

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\ias

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\DDFs

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Com

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Bthprops

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ShellComponents

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Provisioning

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\L2Schemas

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\IdentityCRL

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\DiagTrack

2021-03-10 22:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Cursors

2021-03-10 22:05 - 2019-06-16 23:59 - 000000000 ____D C:\Users\fgurz\Desktop\TÜM KISAYOLLAR

2021-03-10 21:52 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\registration

2021-03-08 16:09 - 2020-10-22 14:09 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys

2021-03-08 14:01 - 2019-12-07 12:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2021-03-08 00:44 - 2019-12-07 12:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2021-03-07 07:56 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\appcompat

2021-03-06 00:28 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2021-03-05 09:38 - 2019-12-07 12:03 - 000000000 ____D C:\WINDOWS\servicing

2021-03-04 05:31 - 2019-12-07 12:14 - 000000000 ____D C:\ProgramData\USOPrivate

2021-03-04 05:30 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows NT

2021-03-04 05:29 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender

2021-03-04 05:16 - 2019-12-07 12:18 - 000000000 ____D C:\WINDOWS\Setup

2021-03-04 05:16 - 2019-12-07 12:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\spool

2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\Help

2021-03-04 05:16 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2021-03-04 05:16 - 2019-03-19 07:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2021-03-04 05:16 - 2018-09-15 10:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2021-03-04 05:16 - 2018-09-15 10:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc

2021-03-04 05:07 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2021-03-04 05:07 - 2019-12-07 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\UNP

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\es-MX

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\appraiser

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\IME

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files\Common Files\System

2021-03-04 05:07 - 2019-12-07 12:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender

2021-03-04 05:06 - 2019-12-07 17:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll

2021-03-04 05:06 - 2019-12-07 17:45 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml

2021-03-04 04:49 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI

2021-03-04 04:49 - 2019-12-07 12:14 - 000000000 ____D C:\WINDOWS\system32\MUI

2021-02-28 22:48 - 2021-02-05 11:01 - 000000000 ____D C:\Users\fgurz\Desktop\HASTALIK YÖNETİM PLATFORMU

2021-02-28 22:08 - 2020-11-04 21:47 - 000000000 ____D C:\Users\fgurz\Desktop\İSG MÜDÜRLÜK UZAKTAN EĞİTİM

2021-02-28 22:07 - 2020-11-06 14:01 - 000000000 ____D C:\Users\fgurz\Desktop\Saglık Rapor okunacak yazı

2021-02-28 00:59 - 2019-03-19 07:52 - 000000000 ____D C:\WINDOWS\TextInput

2021-02-25 15:16 - 2019-11-08 10:10 - 000002174 _____ C:\Users\fgurz\Desktop\HER ZAMAN LAZIM OLACAKLAR ASM ICIN - Kısayol.lnk

2021-02-25 15:16 - 2019-11-08 10:10 - 000001976 _____ C:\Users\fgurz\Desktop\Son Dosyalar - Kısayol.lnk

2021-02-25 15:16 - 2019-11-08 10:09 - 000001630 _____ C:\Users\fgurz\Desktop\ÇEŞİTLİ PDF WORD vs - Kısayol.lnk

==================== Files in the root of some directories ========

2021-03-04 20:52 - 2021-03-04 20:52 - 000000052 _____ () C:\Users\fgurz\AppData\Local\xx.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

ATTENTION: ==> Could not access BCD. ->

==================== End of FRST.txt ========================

and Additon.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021

Ran by fgurz (14-03-2021 19:45:42)

Running from C:\Users\fgurz\Downloads

Windows 10 Pro Version 20H2 19042.867 (X64) (2021-03-04 02:30:20)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3002461710-4275012542-1497869708-500 - Administrator - Disabled)

fgurz (S-1-5-21-3002461710-4275012542-1497869708-1001 - Administrator - Enabled) => C:\Users\fgurz

Guest (S-1-5-21-3002461710-4275012542-1497869708-501 - Limited - Disabled)

VarsayılanHesap (S-1-5-21-3002461710-4275012542-1497869708-503 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-3002461710-4275012542-1497869708-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}

AV: Emsisoft Anti-Malware Home (Enabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACS Unified PC/SC Driver 4.2.9.0 (HKLM\...\{2AC3CDA9-E2FB-48C0-9FAB-428AF952071E}) (Version: 4.2.9.0 - Advanced Card Systems Ltd.)

adaware antivirus (HKLM-x32\...\{33343EC5-F8B9-4369-8650-331267FFE74E}_AdAwareInstaller) (Version: 12.10.129.0 - adaware)

AdAwareInstaller (HKLM\...\{33343EC5-F8B9-4369-8650-331267FFE74E}) (Version: 12.10.129.0 - adaware) Hidden

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)

AKIS Yonetici x64 (2.7) (HKLM\...\{F8E4B72C-8471-4E18-B9DE-821F1EF7BABD}) (Version: 2.7 - TUBITAK)

AKIS Yonetici x86 (2.5) (HKLM-x32\...\{88F71E60-8972-4E28-B771-14E824700707}) (Version: 2.5 - Şirketinizin Adı)

AntimalwareEngine (HKLM\...\{BD4B133A-741D-4CC7-BC0E-63DC23AEA7B1}) (Version: 3.1.219.0 - adaware) Hidden

ArkSigner 2.2.4 sürümü (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\{E01501EB-DED5-4FA7-8173-801F0C8B244F}_is1) (Version: 2.2.4 - ArkSigner Co.)

Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)

Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 21.3.0.10726 - Emsisoft Ltd.)

ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)

GDR 6164 for SQL Server 2014 (KB4583463) (64-bit) (HKLM\...\KB4583463) (Version: 12.3.6164.21 - Microsoft Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)

Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)

Java 8 Update 281 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)

Kurumlar için Microsoft 365 Uygulamaları - tr-tr (HKLM\...\O365ProPlusRetail - tr-tr) (Version: 16.0.13127.21216 - Microsoft Corporation)

Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)

Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)

Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{51528A68-E842-4152-A171-0440D6EA2F9C}) (Version: 12.3.6164.21 - Microsoft Corporation)

Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)

Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)

Microsoft SQL Server 2014 Setup (English) (HKLM\...\{D626A6AB-EAFE-4453-B169-3577AB35BBD5}) (Version: 12.3.6164.21 - Microsoft Corporation)

Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{A9CAA60A-C8FC-479D-8582-DB15B4077BC1}) (Version: 12.3.6164.21 - Microsoft Corporation)

Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FDB6D282-D17A-422C-9F11-1DB989E76D8A}) (Version: 12.3.6164.21 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2014 (x64) (HKLM\...\{F5C7C3DE-6413-4BB8-A307-734CFC92DBDB}) (Version: 12.3.6164.21 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.3.6024.0 - Microsoft Corporation)

MPC-HC 1.9.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.10 - MPC-HC Team)

NVIDIA 3D Vision Sürücüsü 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)

NVIDIA Grafik Sürücüsü 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)

NVIDIA HD Ses Sürücüsü 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21216 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-041F-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden

RegRun Security Suite Standard (HKLM-x32\...\RegRun Security Suite_is1) (Version: - )

Service Pack 3 for SQL Server 2014 (KB4022619) (64-bit) (HKLM\...\KB4022619) (Version: 12.3.6024.0 - Microsoft Corporation)

SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server 2014 Management Studio (HKLM\...\{839EF29A-3055-43DC-ADCE-8E84893798D5}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.3.6024.0 - Microsoft Corporation)

Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.3.6024.0 - Microsoft Corporation) Hidden

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1216 - SUPERAntiSpyware.com)

T.C. Sağlık Bakanlığı EBYS (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\a39925646430ae8d) (Version: 2021.2.19.1 - T.C. Sağlık Bakanlığı)

Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.4.0.2781 - Microsoft Corporation)

UnHackMe 12.30 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)

Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

WhatsApp (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)

Windows Sürücü Paketi - Advanced Card Systems Ltd. Unified PC/SC Driver (05/16/2018 4.2.9.0) (HKLM\...\A4BD78957AF57FEF09DAFEA84F85DD17AD642B00) (Version: 05/16/2018 4.2.9.0 - Advanced Card Systems Ltd.)

WinRAR 6.00 (64 bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Zemana AntiLogger (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)

Zemana AntiMalware 3.2.27 sürümü (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

ZIJIANG Series Printer Driver version 11.3.0.1 (HKLM-x32\...\{5B643BF5-11A2-4A75-86D4-8F522DE92AA2}_is1) (Version: 11.3.0.1 - )

Zoom (HKU\S-1-5-21-3002461710-4275012542-1497869708-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:

=========

Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt [2021-03-10] (Facebook Inc) [Startup Task]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Studios) [MS Ad]

Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-10] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{3879ce69-4f1c-48a0-abe8-83435f91e45f}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3002461710-4275012542-1497869708-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\fgurz\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\amd64\FileSyncShell64.dll => No File