Rehber HijackThis Log Paylaşımı ve Çözümleri

1543056134722.png


Sisteminizde yaşadığınız performans düşüşü, kilitlenme, zararlı etkisi, uygulama hatalarından kaynaklanan sorunsalları analiz etmek ve performans iyileştirmesi, zararlı etkisini inaktif etmek için bize HijackThis yazılımı ile yaptığınız tarama Logunu burada paylaşmanız gerekmektedir.



Kullanımı:

1) Bir geliştirici tarafından yeni özellikler kazandırılan güncel sürümünü buradan indirip, arşiv dosyasından masaüstüne uygulamayı çıkartın.

HiJackThis

Program, zararlı temizliğinde imza veritabanı kullanmadan sezgisel tespite dayalı bir yöntemle kullanılır. Çok hızlı bir tarama ile, zararlı bulaşmamış bir sistemden farklı olarak çalışan işlemlerin bir listesini çıkartır. Bu işlemlerin tamamı...
www.technopat.net www.technopat.net

Alternatif: Download HiJackThis Fork - MajorGeeks

Eski Sürüm: HiJackThis | Free software downloads at SourceForge.net

2) Bilgisayarınızı yeniden başlatın 3 dk işlem yapmadan bekleyin.

3) HijackThis yazılımına sağ tıklayıp yönetici olarak çalıştırın (XP için geçerli değil).

1543056459730.png


4) Açılan arayüzde, "Do a system scan and save a log file" butonuna tıklayın.

1543053000396.png


5) Otomatik olarak Hijackthis taraması başlayacak, taramanın tamamlanması sürece fare ve klavyeyi kullanmayın.
1543053111358.png


6) Tarama tamamlandığında HijackThis raporunu içeren bir Log dosyası karşınıza gelecektir.

1543053449185.png



*7) Log dosyasını incelememiz için buraya cevaplama bölümünden eklemeniz gerekmektedir.

1543053710016.png

Kod'a tıklayın.

1543053809056.png


Log'da yazanları mavi bölmenin içine yapıştırıp "Devam Et" butonuna basın.

Uyarı: Sitede kod eklemede sorun yaşarsanız kod paylaşımlarını altta verilen sitelerden birine yapıştırıp linki paylaşmanız gerekmektedir. Bu durumda *7. seçeneği şu anlık kullanmayın.

Paste ofCode

8) Ayrıca sisteminizde var olan sorunu detaylıca (Performans düşüşü, Malware varlığı şüphesi vb.) belirterek konuyu cevaplayın.
(Bunu yapmayana cevap verilmeyecektir)

Fixleme:

Konuda şahsım tarafından veya uzman kişilerden geri dönüş yapıldığında Hijackthis uygulama arayüzünden söylediğimiz satırların başlarına tik işareti koyun. Ardından "Fix checked" butonuna basın.
1543054420492.png
 
Son düzenleme:
Genişletmek için tıkla...
Murat5038 dedi:
C:\ProgramData\ClpHtt
Bu klasör içi şüpheli.

E:\Program Files (x86)\Driver Booster
Sürücü bulucu kullanmışssın sebeplerden biri bu.

Tavsiye edilmeyen adı bile az bilinen programlar yüklemişssiniz mümkün oldukça kaldırın:
E:\Zona
C:\Program Files\Visual Subst
Avira\System Speedup
Free Download Manager

Bunları fixleyin:
Kod: 
O22 - Tasks: VisualSubstUAC - C:\Program Files\Visual Subst\VSubst.exe /UACTASK (sign: 'NTWIND LLC')
O22 - Tasks: \Diagnostic\Service - C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.exe "C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.dat" (file missing)
O22 - Tasks_Migrated: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)
O22 - Tasks: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)

Bunları yaptıktan sonra Kaspersky ile tam tarama yapmanızı da tavsiye ederim.


MBAM ve Kaspersky aktif kullanılamaz. MBAM kaldırın eğer Kaspersky lisanslı kullanıyorsanız.
CCleaner da smart teknoloji özelliğini kapatın.
Temiz önyükleme yapın ve gerekli olmadığında IDM ve arka planda açık program bırakmayın.
Sürücü güncellemelerinizi de kontrol edin.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2024/05/17)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_E8C4207C584F2FB0A77218D53CE2B382] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/12/29)
O4 - HKLM\..\Run: [Logitech Download Assistant] = C:\Windows\System32\LogiLDA.dll C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\StartupApproved\Run32: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (2023/04/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/01/17)
O22 - Task (.job): (disabled) (Not scheduled) Intel PTT EK Recertification.job - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e88f95aa-daa4-4c9e-af8e-9c9a1c54b6e0" --version "6.39.0.11548" --silent
O22 - Task: Intel PTT EK Recertification - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe


PowerToys kullanıyorsunuz bu güzel araçlar içerse de bilinçsiz kulalnımda sistem kararsızlıklarına yol açar. Güncelliğini de devamlı kontrol etmeniz gerekir. Kullanmıyorsanız kaldırın.
Bunları fixleyin.:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\ersin\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2024/11/02) (invalid sign: TRUST_E_BAD_DIGEST - Spotify Ltd - 00BB4C8738992C41C051AA088E2F5D6CF290C4C0)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_AEEA7D26E10C80D803D1467811869685] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/09/11) (sign: 'Microsoft')
O22 - Tasks: infatica_p2b - C:\Program Files (x86)\Infatica P2B\infatica_agent.exe (sign: 'Infatica Pte. Ltd.')
Genişletmek için tıkla...
Teşekkürler, iyi çalışmalar.

Murat5038 dedi:
C:\ProgramData\ClpHtt
Bu klasör içi şüpheli.

E:\Program Files (x86)\Driver Booster
Sürücü bulucu kullanmışssın sebeplerden biri bu.

Tavsiye edilmeyen adı bile az bilinen programlar yüklemişssiniz mümkün oldukça kaldırın:
E:\Zona
C:\Program Files\Visual Subst
Avira\System Speedup
Free Download Manager

Bunları fixleyin:
Kod: 
O22 - Tasks: VisualSubstUAC - C:\Program Files\Visual Subst\VSubst.exe /UACTASK (sign: 'NTWIND LLC')
O22 - Tasks: \Diagnostic\Service - C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.exe "C:\Users\PC\AppData\Roaming\dktduyxoul\mecsev.dat" (file missing)
O22 - Tasks_Migrated: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)
O22 - Tasks: FreeDownloadManagerHelperService - C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe (not signed - Softdeluxe - 01799AB981BC716DCA62356CBA194843C0B1323D)

Bunları yaptıktan sonra Kaspersky ile tam tarama yapmanızı da tavsiye ederim.


MBAM ve Kaspersky aktif kullanılamaz. MBAM kaldırın eğer Kaspersky lisanslı kullanıyorsanız.
CCleaner da smart teknoloji özelliğini kapatın.
Temiz önyükleme yapın ve gerekli olmadığında IDM ve arka planda açık program bırakmayın.
Sürücü güncellemelerinizi de kontrol edin.

Bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2024/05/17)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_E8C4207C584F2FB0A77218D53CE2B382] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/12/29)
O4 - HKLM\..\Run: [Logitech Download Assistant] = C:\Windows\System32\LogiLDA.dll C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\StartupApproved\Run32: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (2023/04/20)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/01/17)
O22 - Task (.job): (disabled) (Not scheduled) Intel PTT EK Recertification.job - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e88f95aa-daa4-4c9e-af8e-9c9a1c54b6e0" --version "6.39.0.11548" --silent
O22 - Task: Intel PTT EK Recertification - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe


PowerToys kullanıyorsunuz bu güzel araçlar içerse de bilinçsiz kulalnımda sistem kararsızlıklarına yol açar. Güncelliğini de devamlı kontrol etmeniz gerekir. Kullanmıyorsanız kaldırın.
Bunları fixleyin.:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\ersin\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2024/11/02) (invalid sign: TRUST_E_BAD_DIGEST - Spotify Ltd - 00BB4C8738992C41C051AA088E2F5D6CF290C4C0)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_AEEA7D26E10C80D803D1467811869685] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/09/11) (sign: 'Microsoft')
O22 - Tasks: infatica_p2b - C:\Program Files (x86)\Infatica P2B\infatica_agent.exe (sign: 'Infatica Pte. Ltd.')
Genişletmek için tıkla...
Teşekkürler iyi çalışmalar..
 
Öncelikle selamlar, bilgisayımı yüke soktuğumda veya özellikle ağır oyunlar oynarken bazı zamanlarda ardı ardına oyun donuyor, Windows donuyor, sesler kesiliyor, bilgisayar soğuduğu için fanlar yavaşlıyor ve birden düzeliyor, bazen de oyun donuyor, görev çubuğunu bile açamıyorum, sesler birbirine karışıyor ve drrrrrrr sesi geliyor, kapatma butonu işe yaramıyor, Power tuşuna 5 saniye basılı tutup kapatmak zorunda kalıyorum, crack program kullanmıyorum, Hitman-Pro tarama sonuçları temiz, bütün driverlerim güncel ve elle kendim kurdum, sıcaklıklar 70C altında, format atmayı denedim disk sağlıklarım %100 ve Windows RAM testinde arıza görünmüyor, iyi çalışmalar :)

Kod: 
Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17

Platform: x64 Windows 11 (Home), 10.0.26100.6725 (ReleaseId: 2009, 24H2), Service Pack: 0
Time: 01.10.2025 - 22:30 (UTC+03:00)
Language: OS: Turkish (0x41F). Display: Turkish (0x41F). Non-Unicode: Turkish (0x41F)
Memory: 10,67 GiB Free / 16. Loading RAM (32 %), CPU (9 %)
Disk C: 298,72 GiB Free / 465 (SSD, GPT)
Elevated: Yes.
Ran by: yusuf (group: Administrators; type: Microsoft) on YUSUFPC, FirstRun: no.

Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --single-argument %1 (Brave)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path.
 7 C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
 1 C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
 1 C:\Program Files (x86)\ASUS\AsusCertService\1.2.40\AsusCertService.exe
 1 C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.54\AsusFanControlService.exe
 1 C:\Program Files (x86)\ASUS\AXSP\4.06.06\atkexComSvc.exe
 1 C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
 1 C:\Program Files (x86)\LightingService\LightingService.exe
 1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
 12 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\140.0.3485.94\msedgewebview2.exe
 2 C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
 1 C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe
 1 C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.UserSessionHelper.exe
 1 C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
 1 C:\Program Files\GX30 Pro\CPL\XearAudioCenter_x64.exe
 1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
 1 C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
 1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2539.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
 1 C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.4.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_31.105.23001.0_x64__8wekyb3d8bbwe\gamingservices.exe
 1 C:\Program Files\WindowsApps\Microsoft.GamingServices_31.105.23001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
 1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.14.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
 1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.24401.50.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
 1 C:\Program Files\WireSock Secure Connect\bin\wiresock-client.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MsMpEng.exe
 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\NisSrv.exe
 1 C:\Users\yusuf\Downloads\HiJackThis\HiJackThis.exe
 1 C:\Windows\explorer.exe
 1 C:\Windows\System32\audiodg.exe
 1 C:\Windows\System32\conhost.exe
 2 C:\Windows\System32\csrss.exe
 2 C:\Windows\System32\ctfmon.exe
 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
 1 C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d0a29c6938d49066\RstMwService.exe
 1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
 2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fe5f369669db2f36\Display.NvContainer\NVDisplay.Container.exe
 1 C:\Windows\System32\dwm.exe
 2 C:\Windows\System32\fontdrvhost.exe
 1 C:\Windows\System32\LsaIso.exe
 1 C:\Windows\System32\lsass.exe
 1 C:\Windows\System32\msiexec.exe
 1 C:\Windows\System32\NgcIso.exe
 5 C:\Windows\System32\RuntimeBroker.exe
 1 C:\Windows\System32\SearchIndexer.exe
 1 C:\Windows\System32\SearchProtocolHost.exe
 1 C:\Windows\System32\services.exe
 1 C:\Windows\System32\ShellHost.exe
 1 C:\Windows\System32\sihost.exe
 1 C:\Windows\System32\smartscreen.exe
 1 C:\Windows\System32\smss.exe
 1 C:\Windows\System32\spoolsv.exe
 1 C:\Windows\System32\sppsvc.exe
 41 C:\Windows\System32\svchost.exe
 2 C:\Windows\System32\taskhostw.exe
 1 C:\Windows\System32\wbem\unsecapp.exe
 1 C:\Windows\System32\wbem\WmiApSrv.exe
 2 C:\Windows\System32\wbem\WmiPrvSE.exe
 1 C:\Windows\System32\wininit.exe
 1 C:\Windows\System32\winlogon.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_461\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_461\bin\ssv.dll (sign: 'Oracle America, Inc.')
O4 - ActiveSetup: HKLM\..\{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}: [StubPath] = C:\Program Files\BraveSoftware\Brave-Browser\Application\140.1.82.172\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level (sign: 'Brave Software, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\yusuf\AppData\Local\Discord\Update.exe --processStart Discord.exe (2025/08/24) (sign: 'Discord Inc.')
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2025/08/06) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [FACEIT] = C:\Users\yusuf\AppData\Local\FACEIT\update.exe --processStart "FACEIT.exe" (2025/08/01) (sign: 'ESL Gaming GmbH')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_F5C1F868577C050B1FE977BE638A6254] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/08/01) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [RiotClient] = E:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (2025/09/20) (sign: 'Riot Games, Inc.')
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2025/08/01) (sign: 'Valve Corp.')
O4 - HKLM\..\Run: [GX30 Pro] = C:\Program Files\GX30 Pro\CPL\XearAudioCenter_x64.exe /h /d /i (invalid sign - no company - BC3F0F4027D1C8FF60B747F45E92FDDB980A62F2)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2025/09/20) (sign: 'Riot Games, Inc.')
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2025/08/01) (sign: 'Microsoft')
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/08/17) (sign: 'Oracle America, Inc.')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Features: [TamperProtection] = 4
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 9.9.9.9 (Well-known DNS: Quad9)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f254d47-4fef-4eec-8e40-164862a979e8}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f254d47-4fef-4eec-8e40-164862a979e8}: [NameServer] = 9.9.9.9 (Well-known DNS: Quad9)
O18 - HKLM\Software\Classes\Protocols\Filter\application/octet-stream: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-complus: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O18 - HKLM\Software\Classes\Protocols\Filter\application/x-msdownload: [CLSID] = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - (no file)
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Device Setup\Driver Recovery on Reboot - {452f6ddc-7930-4b57-8794-19cd7420241d} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WindowsAI\Recall\InitialConfiguration - {709FD5EF-7296-4154-BD3A-E9830FCFA60A} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \ASUS\AcPowerNotification - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ArmourySocketServer - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\TaskSchedulerTool_ArmourySocketServer.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineCore1dc02af731f45a0 - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /c (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\ASUSUpdateTaskMachineUA - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /ua /installsource scheduler (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\NoiseCancelingEngine - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (sign: 'ASUSTeK COMPUTER INC.')
O22 - Tasks: \ASUS\P508PowerAgent_sdk - C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (file missing)
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AccountHealth\RecoverabilityToastTask - {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492},-flow showtoast -checkup recoverability - C:\WINDOWS\system32\AccountHealth.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\GovernedFeatureUsageProcessing - {866F38A9-0302-4926-A36F-E4BAABAAE116} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Hotpatch\Monitoring - C:\WINDOWS\system32\cmd.exe /d /c C:\WINDOWS\system32\hpatchmonTask.cmd (sign: '')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\MemoryDiagnostic\AutomaticOfflineMemoryDiagnostic - {44f6c389-604a-4363-b09a-f38da08e6079} - C:\WINDOWS\System32\MemoryDiagnostic.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PCRPF\PCR Prediction Framework Firmware Update Task - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pcrpf.dll,NotifyFirmwareUpdateStaged (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9efeb182-2ee3-4af9-affa-521410d110d1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\WhesvcToast - {c34546ad-2e37-41d9-8e23-277837b7a234} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Pluton\Pluton-Ksp-Provisioning - {997e11e1-0eff-40bd-9b25-8da694816600},PlutonKspProvision - C:\WINDOWS\system32\PlutonTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UsageAndQualityInsights\UsageAndQualityInsights-MaintenanceTask - C:\Windows\System32\Microsoft.Data.UsageAndQualityInsights.MaintenanceTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration - {0BE6820D-B667-4CB6-931B-C153A77DA895} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Settings\InitialConfiguration - {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} - C:\WINDOWS\system32\SettingsConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: BraveSoftwareUpdateTaskMachineCore{ABE6EAD9-6862-459E-B2F2-1273969E0C7C} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (sign: 'Brave Software, Inc.')
O22 - Tasks: BraveSoftwareUpdateTaskMachineUA{9C1D6E48-A3AB-489B-BA8D-2229B8F59716} - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (sign: 'Brave Software, Inc.')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (sign: 'Intel Corporation')
O22 - Tasks: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Start-Process -WindowStyle Hidden task.bat" (sign: 'Microsoft')
O22 - Tasks: WireSockRefresh - C:\Program Files\SplitWire-Turkey\res\wiresock_refresh.bat (not signed - no company - 541E453A151F3B3DAF346B4E200919794D13EDC1)
O23 - Service R2: Armoury Crate Service - (ArmouryCrateService) - C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS AURA SYNC lighting service - (LightingService) - C:\Program Files (x86)\LightingService\LightingService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Certificate Service - (AsusCertService) - C:\Program Files (x86)\ASUS\AsusCertService\1.2.40\AsusCertService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.06.06\atkexComSvc.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.54\AsusFanControlService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start" (sign: 'Intel Corporation')
O23 - Service R2: GameSDK Service - C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_31.105.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_31.105.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d0a29c6938d49066\RstMwService.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (sign: 'Intel Corporation')
O23 - Service R2: Microsoft Defender Çekirdek Hizmeti - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fe5f369669db2f36\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fe5f369669db2f36\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert (sign: 'NVIDIA Corporation')
O23 - Service R2: ROG Live Service - C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service R2: WireSock WireGuard VPN Client Service - (wiresock-client-service) - C:\Program Files\WireSock Secure Connect\bin\wiresock-client.exe service -config "C:\Program Files\SplitWire-Turkey\res\wgcf-profile.conf" -log-level "none" (sign: 'The Anti-Cloud Corporation')
O23 - Service S2: ASUS Güncelleme Hizmeti (asus) - (asus) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /svc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S2: Brave Güncelleme Hizmeti (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc (sign: 'Brave Software, Inc.')
O23 - Service S2: Intel(R) Platform License Manager Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_740dc8aba9846dbb\lib\PlatformLicenseManagerService.exe (sign: 'Intel Corporation')
O23 - Service S3: ASUS Güncelleme Hizmeti (asusm) - (asusm) - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe /medsvc (sign: 'ASUSTeK COMPUTER INC.')
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\140.1.82.172\elevation_service.exe (sign: 'Brave Software, Inc.')
O23 - Service S3: Brave Güncelleme Hizmeti (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc (sign: 'Brave Software, Inc.')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start (sign: 'Electronic Arts, Inc.')
O23 - Service S3: FACEITService - C:\Program Files\FACEIT AC\faceitservice.exe (sign: 'ESL FACEIT Group Ltd.')
O23 - Service S3: GameInput Redist Service - (GameInputRedistService) - C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (sign: 'Intel Corporation')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process" (sign: 'Intel Corporation')
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe (sign: 'Riot Games, Inc.')
O23 - Driver R: ASUS Kernel Mode Driver for NT - C:\WINDOWS\system32\drivers\IOMap64.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R0: Intel(R) Chipset VMD RST Controller service - (iaStorVD) - C:\WINDOWS\System32\drivers\iaStorVD.sys (sign: 'Intel Corporation')
O23 - Driver R1: Asusgio3 - C:\WINDOWS\system32\drivers\AsIO3.sys (sign: 'ASUSTeK COMPUTER INC.')
O23 - Driver R1: FACEIT - C:\Program Files\FACEIT AC\FACEIT_AC.sys (sign: 'Microsoft' - no company)
O23 - Driver R1: vgk - C:\Program Files\Riot Vanguard\vgk.sys (sign: 'Riot Games, Inc.')
O23 - Driver R1: WireSock VPN Client Filter Driver - (ndiswgc) - C:\WINDOWS\system32\DRIVERS\ndiswgc.sys (+safe mode) (sign: 'The Anti-Cloud Corporation')
O23 - Driver R3: ACSEHIDRemap Service - (ACSEHIDRemap) - C:\WINDOWS\System32\drivers\ACSEHIDRemap.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: ACSEVirtualBus Service - (ACSEVirtualBus) - C:\WINDOWS\System32\drivers\ACSEVirtualBus.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: G600 - C:\WINDOWS\System32\drivers\G600.sys (sign: 'Microsoft' - C-Media Electronics, Inc.)
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_90341c97d9948f6b\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) PRO/1000 PCI Express Network Connection Driver D - (e1dexpress) - C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_dded470da430edc1\e1d.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO GPIO Driver v2 - (iaLPSS2_GPIO2_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Serial IO I2C Driver v2 - (iaLPSS2_I2C_ADL) - C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fe5f369669db2f36\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: semav6msr64 - C:\WINDOWS\system32\drivers\semav6msr64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: WireSock - C:\WINDOWS\System32\drivers\WireSock.sys (+safe mode) (sign: 'The Anti-Cloud Corporation')
O23 - Driver S3: Apple Lower Filter Driver - (AppleLowerFilter) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys (sign: 'Apple Inc.')
O23 - Driver S3: BERT Reader Service - (bertreader) - C:\WINDOWS\System32\drivers\bertreader.sys (sign: 'Intel Corporation')
O23 - Driver S3: cpuz159 - C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys (sign: 'Microsoft' - CPUID)
O23 - Driver S3: EAAntiCheat - C:\WINDOWS\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Wintun - (wintun) - C:\WINDOWS\System32\drivers\wintun.sys (sign: 'Microsoft' - WireGuard LLC)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'e1dexpress'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'ndiswgc'.
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'WireSock'.
O27 - Account: (AutoLogon) HKLM\..\Winlogon: YUSUFPC\yusuf (type: Microsoft)

--
End of file - Time spent: 21,4 sec. - 58378 bytes, CRC32: FFFFFFFF. Sign: 묁颺
 
@quarest Senin sorunun farklı mavi ekran alıyorsun büyük ihtimal minidump dosyaları var mı kontrol edin.

Gereksiz Asus yazılımlarını kaldırın.

Yine de bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2025/08/06) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_F5C1F868577C050B1FE977BE638A6254] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/08/01) (sign: 'Microsoft')
O4 - HKLM\..\Run: [GX30 Pro] = C:\Program Files\GX30 Pro\CPL\XearAudioCenter_x64.exe /h /d /i (invalid sign - no company - BC3F0F4027D1C8FF60B747F45E92FDDB980A62F2)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/08/17) (sign: 'Oracle America, Inc.')
O22 - Tasks: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Start-Process -WindowStyle Hidden task.bat" (sign: 'Microsoft')
O22 - Tasks: WireSockRefresh - C:\Program Files\SplitWire-Turkey\res\wiresock_refresh.bat (not signed - no company - 541E453A151F3B3DAF346B4E200919794D13EDC1)
 
Murat5038 dedi:
@quarest Senin sorunun farklı mavi ekran alıyorsun büyük ihtimal minidump dosyaları var mı kontrol edin.

Gereksiz Asus yazılımlarını kaldırın.

Yine de bunları fixleyin:
Kod: 
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2025/08/06) (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_F5C1F868577C050B1FE977BE638A6254] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2025/08/01) (sign: 'Microsoft')
O4 - HKLM\..\Run: [GX30 Pro] = C:\Program Files\GX30 Pro\CPL\XearAudioCenter_x64.exe /h /d /i (invalid sign - no company - BC3F0F4027D1C8FF60B747F45E92FDDB980A62F2)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2025/08/17) (sign: 'Oracle America, Inc.')
O22 - Tasks: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -Command "Start-Process -WindowStyle Hidden task.bat" (sign: 'Microsoft')
O22 - Tasks: WireSockRefresh - C:\Program Files\SplitWire-Turkey\res\wiresock_refresh.bat (not signed - no company - 541E453A151F3B3DAF346B4E200919794D13EDC1)
Genişletmek için tıkla...
mavi ekran almıyorum, donuyor ve 30 saniye sonra düzeliyor veya düzelmiyor, teşekkür ederim deneyeceğim
 

Benzer konular

taylaan
HijackThis Log Paylaşımı
Mesaj
0
Görüntüleme
543
taylaan
taylaan
Niyazi Taşcı
Android Silinmeyen Trojan Virüsü Temizleme
Mesaj
5
Görüntüleme
5.684
quarest
quarest
Egeeymen
Kaspersky silinmeyen trojan
Mesaj
2
Görüntüleme
999
acv
A
B
Kaspersky Security Cloud trojan buldu
2 3
Mesaj
21
Görüntüleme
3.002
Murat5038
Murat5038
2
  • Makale
Rehber  Kaspersky Virus Removal Tool ile Zararlı Yazılım Temizliği
Mesaj
7
Görüntüleme
14.505
Windows 11 Bükücü
Windows 11 Bükücü

Technopat Haberler

Yeni konular

Yeni mesajlar

Geri
Yukarı