Platform: x64 Windows 11 (Pro), 10.0.22621.160 (ReleaseId: 2009, 22H2), Service Pack: 0
Language: OS: Turkish (0x41F). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: XATHENA (group: Administrators) on DESKTOP-NV5ICAC, FirstRun: yes
Chrome: 101.0.4951.54
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe
1 C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe
12 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.44\msedgewebview2.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
1 C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
1 C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
1 C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe
1 C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Odyssey\ACOdyssey.exe
1 C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
1 C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
11 C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
1 C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\TeraCopy\TeraCopyService.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.545.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
15 C:\Users\XATHENA\AppData\Local\DiscordPTB\app-1.0.1015\DiscordPTB.exe
1 C:\Users\XATHENA\AppData\Local\Programs\Opera GX\88.0.4412.75\opera_crashreporter.exe
48 C:\Users\XATHENA\AppData\Local\Programs\Opera GX\opera.exe
1 C:\Users\XATHENA\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
2 C:\Users\XATHENA\Desktop\HiJackThis.exe
1 C:\Users\XATHENA\Desktop\tweaking.com_windows_repair_aio_setup.exe
3 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_630dffb5316e4d50\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0379487.inf_amd64_69570110508a8108\B379425\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0379487.inf_amd64_69570110508a8108\B379425\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\GameBarPresenceWriter.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\Sgrm\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
82 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
O1 - Hosts: is empty
O1 - Hosts.ICS: 172.23.32.1 DESKTOP-NV5ICAC.mshome.net # 2027 6 2 29 12 33 37 667
O4 - HKCU\..\Run: [com.blitz.app] = C:\Users\XATHENA\AppData\Local\Programs\Blitz\Blitz.exe --autostart
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\XATHENA\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/04/27)
O4 - HKCU\..\StartupApproved\Run: [DiscordPTB] = C:\Users\XATHENA\AppData\Local\DiscordPTB\Update.exe --processStart DiscordPTB.exe (2022/06/23)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_CF1FB59B8939513717300D43485121AF] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/03/30)
O4 - HKCU\..\StartupApproved\Run: [MobalyticsHQ.DesktopApp] = C:\Users\XATHENA\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe (file missing) (2022/05/23)
O4 - HKCU\..\StartupApproved\Run: [PreMiD] = C:\Users\XATHENA\AppData\Roaming\PreMiD\PreMiD.exe --hidden (2022/04/27)
O4 - HKCU\..\StartupApproved\Run: [XSplitVCam] = C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe minimized (2022/06/23)
O4 - HKLM\..\StartupApproved\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe (2022/04/27)
O4 - HKLM\..\StartupApproved\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_630dffb5316e4d50\RtkAudUService64.exe -background (2022/05/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2022/04/27)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4-32 - HKLM\..\Run: [GAMEPOWER Audio 7.1] = C:\Program Files (x86)\GAMEPOWER Audio 7.1\GAMEPOWER Audio 7.1.exe
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - BITS Job: (download) {0E17F427-B2DC-40C1-97C7-CDA81A11E1AA} - http://edgedl.me.gvt1.com/edgedl/delta-update/oimompecagnajdejgnnjijobebaeigek/1.1c292b1d794595f42dad1e6cb4910d14e7867789b0682651cead4bfdd7c1da70/1.e80345a4828e2b82d049520da48dc125df0c2600b1e4591cd05c71bb661231e5/1410c7aef6afb660ff4f081072525d4ba5a4315908ec6cd7021ec61018551cab.crxd -> C:\Users\XATHENA\AppData\Local\Temp\chrome_BITS_20432_1743157417\1410c7aef6afb660ff4f081072525d4ba5a4315908ec6cd7021ec61018551cab.crxd
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): update-S-1-5-21-2974734722-2424839588-2509962272-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task (.job): update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8C1BDD9-3A19-4C28-97F9-AC753A748726} - \Tweaking.com - Windows Repair Tray Icon (no xml)
O22 - Task: (disabled) (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --telemetry (file missing)
O22 - Task: (disabled) \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (file missing)
O22 - Task: (disabled) \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (file missing)
O22 - Task: (disabled) \COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (file missing)
O22 - Task: (disabled) \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (file missing)
O22 - Task: (disabled) \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (file missing)
O22 - Task: (disabled) \Microsoft\VisualStudio\Updates\BackgroundDownload - C:\Program Files (x86)\Microsoft Visual Studio\Installer.9982a172628c4ce6bd4e2df665965feb\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: (disabled) \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) GoogleUpdateTaskMachineCore{4E3C7A49-7AC2-4E6C-BB71-E0B0E3DE5ED2} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) GoogleUpdateTaskMachineUA{CF6E900F-94DA-45D2-958D-4E5283371604} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) Opera GX scheduled assistant Autoupdate 1649348888 - C:\Users\XATHENA\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\XATHENA\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
O22 - Task: (disabled) update-S-1-5-21-2974734722-2424839588-2509962272-1001 - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task: (disabled) update-sys - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Restore - {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} - C:\WINDOWS\system32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - C:\WINDOWS\system32\IntelligentPwdlessTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Task: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: npcapwatchdog - C:\Program Files\Npcap\CheckStatus.bat
O22 - Task: Opera GX scheduled Autoupdate 1648669572 - C:\Users\XATHENA\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0379487.inf_amd64_69570110508a8108\B379425\atiesrxx.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.30001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_630dffb5316e4d50\RtkAudUService64.exe
O23 - Service R2: TeraCopy Service - (TeraCopyService.exe) - C:\Program Files\TeraCopy\TeraCopyService.exe
O23 - Service R2: Wallpaper Engine Service - C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - D:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe