
Suspected attack on PC

johny231
Visitor
Posts: 14
Registered: 20 Nov 2013 14:17

#1 Post by johny231 »

Some time ago someone stole my cookies or passwords to various services. Now an error about a corrupted SRUDB.dat occasionally appears in my event log, and an application terminates suddenly with the error "The thread tried to read from or write to a virtual address for which it does not have the appropriate access.". I checked the disks and the RAM, but the tools found no hardware problem. I read somewhere that this could be caused by a virus, so I wanted to turn to you with a request to check my logs. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by janbu (administrator) on SUPERSTROJ (09-11-2023 08:32:48)
Running from E:\Download\Chrome\FRST64.exe
Loaded Profiles: janbu
Platform: Microsoft Windows 11 Pro Version 22H2 22621.2506 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.261\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23275.702.2421.2406_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.44\msedgewebview2.exe <6>
(C:\Users\janbu\AppData\Local\koofr\storagegui.exe ->) (Koofr d.o.o. -> ) C:\Users\janbu\AppData\Local\koofr\storagechrome.exe <3>
(C:\Users\janbu\AppData\Local\koofr\storagegui.exe ->) (Koofr d.o.o. -> ) C:\Users\janbu\AppData\Local\koofr\storagesync.exe <2>
(cmd.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackersnmh.exe
(Discord Inc. -> Discord Inc.) C:\Users\janbu\AppData\Local\Discord\app-1.0.9023\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(E:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(E:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Koofr d.o.o. -> ) C:\Users\janbu\AppData\Local\koofr\storagegui.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Qisda Corporation -> Dell Inc.) C:\Program Files\Dell\Dell Display Manager 2\DDM.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) E:\Games\Steam\steam.exe
(FNet Co., Ltd. -> FNet Co., Ltd) C:\Program Files (x86)\RamCache III\RamCache.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) E:\Programy\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_3a4418d819768788\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.223.1125.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe <2>
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.29700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => E:\Programy\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [PDF24] => E:\Programy\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1062424 2023-10-29] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [BdagentApp] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1062424 2023-10-29] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [RamCache III ] => C:\Program Files (x86)\RamCache III\RamCache.exe [5411608 2019-11-24] (FNet Co., Ltd. -> FNet Co., Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [Steam] => E:\Games\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [EpicGamesLauncher] => E:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37113808 2023-10-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [Discord] => C:\Users\janbu\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [45945088 2023-10-29] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [MicrosoftEdgeAutoLaunch_77815F85854C90B3B9829DC7F04C04F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891768 2023-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [GoogleChromeAutoLaunch_43BF9FB240AE69DEE3D9C7E5AE894B4F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2680608 2023-10-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Policies\system: []
HKLM\...\Windows x64\Print Processors\ssm1MPC: C:\Windows\System32\spool\prtprocs\x64\ssm1mpc.dll [52088 2019-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [222208 2020-03-04] (Bullzip) [File not signed]
HKLM\...\Print\Monitors\ssm1M Langmon: C:\Windows\system32\ssm1mlm.dll [31096 2019-06-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.106\Installer\chrmstp.exe [2023-11-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\janbu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-06]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
Startup: C:\Users\janbu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Koofr.lnk [2022-07-05]
ShortcutTarget: Koofr.lnk -> C:\Users\janbu\AppData\Local\koofr\storagegui.exe (Koofr d.o.o. -> )
Startup: C:\Users\janbu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mcicda.lnk [2023-09-22]
ShortcutTarget: mcicda.lnk -> E:\Download\qBitTorrent\Party.Animals.Deluxe.Edition\Crack\Setup.exe (No File)
Startup: C:\Users\janbu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2023-03-22]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04b7b24c-2fe7-4377-bd9d-ff09ee6f27a4} - no filepath. <==== ATTENTION
Task: {1498164c-4eb0-4e86-b57f-fb21b820fc65} - no filepath. <==== ATTENTION
Task: {1b22228e-eac5-4e2e-b64a-c63d8cd72413} - no filepath. <==== ATTENTION
Task: {1e42dde3-0e8d-4a7e-ae05-36e7d46e38df} - no filepath. <==== ATTENTION
Task: {1f3fbb4d-8e8f-4b4b-be41-fc95905f3a06} - no filepath. <==== ATTENTION
Task: {226d7d5d-3dae-4c2b-b26d-50d75b401d37} - no filepath. <==== ATTENTION
Task: {287bb4e2-3b3c-431b-a886-0c0daa6edd6e} - no filepath. <==== ATTENTION
Task: {292ccf24-bc7d-43e3-bb68-3d86542903d4} - no filepath. <==== ATTENTION
Task: {33b84a1c-9b06-4a9f-aa4a-ee2983fde2cd} - no filepath. <==== ATTENTION
Task: {3afe6420-c6a8-4a9d-907d-24617f94211e} - no filepath. <==== ATTENTION
Task: {3c1930a8-c08e-415b-9d58-713ce930d61f} - no filepath. <==== ATTENTION
Task: {4172f89f-9272-466e-9a88-b85bf27e37a1} - no filepath. <==== ATTENTION
Task: {50e68116-9ed2-4400-8475-05b4b719d8b8} - no filepath. <==== ATTENTION
Task: {582af7eb-cfdf-4cf8-afaa-138b4fdf3555} - no filepath. <==== ATTENTION
Task: {5ab95abf-c172-468b-96f3-b9566dfcce3a} - no filepath. <==== ATTENTION
Task: {7a2ea8fe-73ee-4d4f-9277-2f739ff51e98} - no filepath. <==== ATTENTION
Task: {7f6148f5-648a-4a35-8857-f5845988c238} - no filepath. <==== ATTENTION
Task: {80b7d36d-5797-46b1-b769-caac239aeece} - no filepath. <==== ATTENTION
Task: {8cc906bb-c27e-42ed-ab5c-b3aef61c67d3} - no filepath. <==== ATTENTION
Task: {912efb06-30b4-4dfe-a2ae-276795e18a2a} - no filepath. <==== ATTENTION
Task: {92727585-2367-4c9a-879e-d4ffef8cb19a} - no filepath. <==== ATTENTION
Task: {92a2ff86-f506-4dd7-912f-ce3b5f49a0ef} - no filepath. <==== ATTENTION
Task: {95aa4cbd-79a6-4a43-b4aa-3cdbb9532ee6} - no filepath. <==== ATTENTION
Task: {9c136c20-e3c4-48a7-bf5a-16fb00d27f8f} - no filepath. <==== ATTENTION
Task: {9ebbfa46-120c-48cf-8d25-593b5ec8511b} - no filepath. <==== ATTENTION
Task: {a3d5225f-1f5c-46a0-98a0-e017456eb978} - no filepath. <==== ATTENTION
Task: {af7b2790-dc69-42dd-b837-a82d660eb674} - no filepath. <==== ATTENTION
Task: {b42b68b1-0d73-4bf9-8f78-6ca335f6b4e0} - no filepath. <==== ATTENTION
Task: {b6ba0234-ce4a-4eab-bb1a-e710239fb393} - no filepath. <==== ATTENTION
Task: {ba1cf534-d378-4113-96b3-246fed1e830e} - no filepath. <==== ATTENTION
Task: {bcf51edc-3c02-4d44-a22a-2a6113dd4011} - no filepath. <==== ATTENTION
Task: {bd3fbf7f-7f1a-4c64-ad9b-2e31769847bc} - no filepath. <==== ATTENTION
Task: {c477e763-82ac-4f98-bb3f-1e2cf175f32c} - no filepath. <==== ATTENTION
Task: {c4b85f97-9a9e-420d-933b-149de53a9d1d} - no filepath. <==== ATTENTION
Task: {c879b86a-a2ae-4f52-8573-a6e0c926c973} - no filepath. <==== ATTENTION
Task: {cd5b2c0a-095e-48ff-8814-54e07b4502dd} - no filepath. <==== ATTENTION
Task: {d6dbb27d-58c4-4021-b661-2ddbdf4a35c3} - no filepath. <==== ATTENTION
Task: {da12e2bc-2a03-4fd5-a820-6649abb5528e} - no filepath. <==== ATTENTION
Task: {ec25a500-1ff6-4b01-9b46-6dfc37ea6f38} - no filepath. <==== ATTENTION
Task: {ef3a3193-4f12-475f-9293-c8284914e485} - no filepath. <==== ATTENTION
Task: {f481f2a5-8282-4ab1-b8fc-8a90e3f75f21} - no filepath. <==== ATTENTION
Task: {f72b3314-b989-41b3-86ad-47d19f5ded9d} - no filepath. <==== ATTENTION
Task: {f7d0cf64-0ebc-47b4-a939-c78c8c1d30b3} - no filepath. <==== ATTENTION
Task: {f8554d5e-a24d-4134-ba65-19105b9326e9} - no filepath. <==== ATTENTION
Task: {fbd338ae-4be5-4a7b-b274-462bc902bd13} - no filepath. <==== ATTENTION
Task: {ffa5b55e-ee54-4cff-a678-98a51824642f} - no filepath. <==== ATTENTION
Task: {F1C271B0-0B1B-45EF-B394-7A1921D11133} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {2C9A54BA-6E62-4643-ABFB-161BFA120F51} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (No File)
Task: {61F1ADF9-BEC2-441B-8662-AE56A13D5337} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (No File)
Task: {57710C15-CCF4-4938-8DE0-B9D6943307F2} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {55E122FB-0D95-4BF7-A13E-72793D47D40F} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (No File)
Task: {36AAFC3A-A44D-487F-B8ED-8034C2D3D5EA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.261\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {8D474450-322B-4D8C-87EE-27A99B92C09C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {37DEA14D-CD83-4664-B609-FCAC49FB3D27} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b1e91640-54db-4b9a-98cf-b48c225f8f5e" --version "6.17.10746" --silent
Task: {7E0A9B19-787F-43D6-9669-749001A70701} - System32\Tasks\CCleanerSkipUAC - janbu => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3CE5E26D-D2BC-431A-B1DA-3AD75C007000} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6F3296F2-79C5-4B45-BA60-6631B680192F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BC7BECBE-4A95-4138-9BF2-9650634BA834} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-24] (Google Inc -> Google LLC)
Task: {6A76B9FD-90A5-47DA-B3D4-2013B5442468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-24] (Google Inc -> Google LLC)
Task: {558F15DB-21AB-4659-97A3-9E5E9422BD70} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {73547ECC-F16E-4046-B1E1-9E38240AA756} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2BBD2DE-C943-4B13-931D-A0B4D5F7B1BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {26EAA2B3-5A06-426F-9C1B-C8D4B39AF430} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E38DB7A-6213-4B03-9331-6231D6715ECE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218080 2023-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {691FBDA1-F4C5-4EA7-A7A1-7537D4CC9202} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73144 2022-12-17] (Microsoft Corporation -> Microsoft)
Task: {45ECEF7C-8CF2-447B-9C15-F46C741A3D81} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [311296 2023-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {5B36AC95-71EA-4F21-90DB-B43EF24C0C72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {DCDF2875-C1EB-45C7-B28C-C1A97E6D043E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {682D1027-818D-40A3-A038-8B9B535DE39B} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {F889D669-CF67-42F7-94BF-C8A5DA930591} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [833688 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {43CCAFB5-6657-4F7B-9DA1-E869785DCA4E} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1094808 2021-11-01] (A-Volute SAS -> Nahimic)
Task: {C4CA5AF5-2698-4671-AD09-9C84741889A3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4D4BDA8B-8F62-485E-BBDB-F31792B8D751} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEA0987E-754D-415E-A186-B67F4989B2C4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {440D50CF-7544-4113-A659-3DF5B13F4E96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFCB06E-97D1-4CD6-8D74-8F42E8C6BF8A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D671167-B5E0-4E9B-AFD7-4123376075DE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D48B2F2-DC8C-4AC1-8733-A00C1B172D03} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E93C6911-39FA-41F3-978F-DA3AA8B6231B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CFB8C40-3FEB-47D9-9F3D-6E1114FD0FD9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9F1F880-F564-4048-BE8E-C2A859290C4B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F055734-374F-4D31-8636-748FE02B67D9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1154824287-3224380686-19161708-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {434520B7-C982-43B4-AF10-DB43F4B28727} - System32\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:a4b34748-6f95-4175-ba4c-69f882eb0fe7
Task: {DA6CFF38-4E7E-4E61-BCC0-68ECB26D1475} - System32\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:eb5a5233-86a1-4bd3-9390-a25c86076527

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.19.64.3 8.8.4.4
Tcpip\..\Interfaces\{2B95D724-A364-4A0D-B01A-E1CC367A3ACA}: [DhcpNameServer] 10.18.6.2
Tcpip\..\Interfaces\{2c6a1056-397b-4420-8487-27d93e6984f8}: [DhcpNameServer] 84.19.64.3 8.8.4.4
Tcpip\..\Interfaces\{8623B195-4A85-41E3-B9D9-CA68F18B1AC9}: [DhcpNameServer] 10.18.6.2
Tcpip\..\Interfaces\{f58b598d-948b-4adf-b4f9-a3d69ad8a9f0}: [DhcpNameServer] 31.132.31.132 31.132.31.232

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\janbu\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-09]
Edge DownloadDir: Default -> C:\Users\janbu\Downloads
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\janbu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2023-10-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\janbu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-25]
Edge Extension: (Edge relevant text changes) - C:\Users\janbu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-25]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-06-30] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> E:\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default [2023-11-09]
CHR DownloadDir: E:\Download\Chrome
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-09-05]
CHR Extension: (React Developer Tools) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2023-10-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-03]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-13]
CHR Extension: (FormApps Extension) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-15]
CHR Extension: (Cisco Webex Extension) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2023-02-02]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-11-01]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-10-30]
CHR Extension: (Vylepšení WISu) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2021-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-30]
CHR Extension: (Clockify Time Tracker) - C:\Users\janbu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmjeegjhjdlccodhacdgbgfagbpmccpe [2023-10-22]
CHR Profile: C:\Users\janbu\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-08]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe [468504 2022-09-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-09-12] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1097624 2023-11-09] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-10-29] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-10-29] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-10-29] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-10-29] (Bitdefender SRL -> Bitdefender)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12876472 2023-10-28] (Microsoft Corporation -> Microsoft Corporation)
S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1355776 2023-10-30] (Microsoft Windows -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-01-01] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2023-10-17] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncHelper.exe [3505696 2023-10-29] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10738432 2023-10-29] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-08] (Malwarebytes Inc. -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\OneDriveUpdaterService.exe [3842064 2023-10-29] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; E:\Programy\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
S3 Rockstar Service; E:\Games\Launcher\RockstarService.exe [1908688 2022-06-26] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534488 2023-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-10-29] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-10-29] (Bitdefender SRL -> Bitdefender)
S3 VSStandardCollectorService150; D:\Programy\VisualStudio_Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_3a4418d819768788\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvgbdi.inf_amd64_3a4418d819768788\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2022-09-12] (ASUSTeK Computer Inc. -> )
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [6205488 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [798128 2022-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [39840 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 FNETHYRAMAS; C:\WINDOWS\System32\drivers\FNETHYRAMAS.SYS [56352 2019-11-24] (FNet Co., Ltd. -> FNet Co., Ltd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1347496 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [165312 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-03-28] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-03-28] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-03-28] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188016 2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633248 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [522136 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath
S1 EneIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-09 08:18 - 2023-11-09 08:18 - 000760034 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-09 08:18 - 2023-11-09 08:18 - 000168698 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-09 08:11 - 2023-11-09 08:11 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-11-09 08:11 - 2023-11-09 08:11 - 000188016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-11-08 22:48 - 2023-11-09 08:12 - 000000000 ____D C:\Program Files\CCleaner
2023-11-08 22:48 - 2023-11-08 23:46 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-11-08 22:48 - 2023-11-08 22:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-08 22:48 - 2023-11-08 22:48 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-11-08 22:48 - 2023-11-08 22:48 - 000002894 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - janbu
2023-11-08 22:48 - 2023-11-08 22:48 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-11-08 22:48 - 2023-11-08 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-08 22:19 - 2023-11-08 22:19 - 000000000 ____D C:\KVRT2020_Data
2023-11-08 22:15 - 2023-11-08 22:16 - 000000000 ____D C:\AdwCleaner
2023-11-08 22:10 - 2023-11-09 08:12 - 000000000 ____D C:\Users\janbu\AppData\Local\Malwarebytes
2023-11-08 22:10 - 2023-11-08 22:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-08 22:10 - 2023-11-08 22:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-11-08 22:10 - 2023-11-08 22:10 - 000000000 ____D C:\Users\janbu\AppData\Local\mbam
2023-11-08 22:10 - 2023-11-08 22:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-08 22:10 - 2023-11-08 22:10 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-08 22:04 - 2023-11-09 08:33 - 000000000 ____D C:\FRST
2023-11-06 23:49 - 2023-11-06 23:49 - 000001146 _____ C:\Users\Public\Desktop\Huntplayers desktop.lnk
2023-11-06 23:49 - 2023-11-06 23:49 - 000000000 ____D C:\Users\janbu\AppData\Local\app.huntplayers.com
2023-11-06 23:49 - 2023-11-06 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Huntplayers desktop
2023-11-06 23:49 - 2023-11-06 23:49 - 000000000 ____D C:\Program Files\Huntplayers desktop
2023-11-02 11:52 - 2023-11-02 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-10-31 12:19 - 2023-10-31 12:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-10-30 17:37 - 2023-10-30 17:37 - 000016240 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-30 17:31 - 2023-10-30 17:33 - 000000000 ___HD C:\$WinREAgent
2023-10-30 09:21 - 2023-10-30 09:21 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2023-10-30 09:21 - 2023-10-30 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-10-30 09:21 - 2023-10-30 09:21 - 000000000 ____D C:\Program Files\LGHUB
2023-10-17 17:31 - 2023-10-17 17:31 - 000000000 ____D C:\Users\janbu\AppData\Roaming\EasyAntiCheat
2023-10-17 17:31 - 2023-10-17 17:31 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-10-16 21:05 - 2023-10-16 21:05 - 000000000 ____D C:\Users\janbu\AppData\Local\Backup
2023-10-16 15:22 - 2023-10-16 15:22 - 000091368 _____ C:\ProgramData\agent.update.1697466146.bdinstall.v2.bin
2023-10-15 20:58 - 2023-10-30 22:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-09 08:24 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-09 08:24 - 2019-12-06 23:01 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-09 08:19 - 2023-01-01 23:17 - 000000000 ____D C:\Users\janbu
2023-11-09 08:18 - 2023-01-02 00:03 - 001848894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-09 08:18 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-11-09 08:13 - 2023-10-06 19:37 - 000000000 ____D C:\SteamLibrary
2023-11-09 08:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-09 08:13 - 2019-11-24 13:30 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-09 08:12 - 2023-10-06 21:12 - 000000000 ____D C:\Users\janbu\AppData\Local\Dell Display Manager
2023-11-09 08:12 - 2022-07-05 12:47 - 000000000 ___SD C:\Users\janbu\Koofr
2023-11-09 08:12 - 2019-12-14 22:07 - 000000000 ____D C:\Users\janbu\AppData\Roaming\Discord
2023-11-09 08:12 - 2019-11-24 15:14 - 000000000 ____D C:\Users\janbu\AppData\Roaming\Dropbox
2023-11-09 08:12 - 2019-11-24 15:14 - 000000000 ____D C:\Users\janbu\AppData\Local\Dropbox
2023-11-09 08:11 - 2023-03-28 15:47 - 000000000 ____D C:\Users\janbu\AppData\Local\LGHUB
2023-11-09 08:11 - 2023-01-02 00:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-09 08:11 - 2023-01-01 18:29 - 000000000 ____D C:\Users\janbu\AppData\Local\Discord
2023-11-09 08:11 - 2021-02-08 13:36 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-09 08:11 - 2019-11-23 06:17 - 001136496 _____ C:\WINDOWS\system32\wpbbin.exe
2023-11-09 08:11 - 2019-11-23 06:17 - 001097624 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2023-11-09 08:10 - 2023-09-01 17:46 - 000000000 ____D C:\Users\janbu\AppData\Roaming\G HUB
2023-11-09 08:10 - 2022-05-07 06:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2023-11-09 07:58 - 2020-04-27 13:09 - 000000000 ____D C:\Users\janbu\AppData\Local\.IdentityService
2023-11-09 07:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-09 07:50 - 2023-03-28 15:47 - 000000000 ____D C:\Users\janbu\AppData\Roaming\lghub
2023-11-09 07:46 - 2023-01-01 23:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-08 23:47 - 2023-01-01 23:57 - 000493624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-08 23:46 - 2020-04-08 09:27 - 000000512 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527.job
2023-11-08 23:46 - 2020-04-08 09:27 - 000000512 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7.job
2023-11-08 23:09 - 2022-02-08 19:11 - 000000000 ____D C:\Users\janbu\AppData\Local\TSVNCache
2023-11-08 22:50 - 2023-10-04 11:05 - 000000000 ____D C:\WINDOWS\Minidump
2023-11-08 22:50 - 2023-01-01 22:24 - 000000000 ___DC C:\WINDOWS\Panther
2023-11-08 22:50 - 2019-12-06 23:53 - 000000000 ____D C:\Users\janbu\AppData\Local\CrashDumps
2023-11-08 22:50 - 2019-11-24 14:08 - 000000000 ____D C:\Users\janbu\AppData\Roaming\DAEMON Tools Lite
2023-11-08 22:41 - 2019-11-24 13:31 - 000000000 ____D C:\Users\janbu\AppData\Local\D3DSCache
2023-11-08 22:39 - 2019-12-06 22:56 - 000000000 ____D C:\Users\janbu\AppData\Roaming\Microsoft\MMC
2023-11-08 22:37 - 2023-01-02 00:04 - 000003412 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7
2023-11-08 22:37 - 2023-01-02 00:04 - 000003154 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527
2023-11-08 22:37 - 2023-01-02 00:04 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2023-11-08 22:37 - 2023-01-02 00:04 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2023-11-08 22:10 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-08 21:47 - 2023-01-02 00:04 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:47 - 2020-04-15 07:50 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-11-08 21:47 - 2019-12-06 22:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-11-08 21:46 - 2023-01-02 00:04 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2023-01-02 00:04 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-08 21:46 - 2019-12-06 23:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-11-08 21:46 - 2019-12-06 22:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-11-08 21:40 - 2019-11-24 14:54 - 000000000 ____D C:\Users\janbu\AppData\Roaming\Microsoft\Excel
2023-11-08 19:56 - 2023-01-01 23:06 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-11-08 18:34 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-08 13:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-07 20:57 - 2023-09-15 11:30 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2023-11-07 20:57 - 2022-10-20 10:14 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-11-07 20:57 - 2022-10-20 10:14 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-11-07 20:57 - 2022-01-30 13:31 - 002758248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-11-07 20:57 - 2022-01-30 13:31 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-11-07 20:57 - 2022-01-30 13:31 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-11-07 20:57 - 2022-01-30 13:31 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-11-07 20:57 - 2022-01-30 13:31 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-11-07 20:05 - 2019-11-24 13:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-07 20:05 - 2019-11-24 13:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-06 15:22 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-11-04 16:17 - 2023-09-08 13:11 - 000000000 ____D C:\Users\janbu\.openshot_qt
2023-11-04 16:15 - 2020-03-25 19:01 - 000000000 ____D C:\Users\janbu\AppData\Roaming\vlc
2023-11-04 15:49 - 2020-06-11 15:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-04 15:49 - 2020-06-11 15:59 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-03 20:50 - 2021-05-04 22:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-03 20:50 - 2019-11-22 23:33 - 000000000 ____D C:\Users\janbu\AppData\Local\Packages
2023-11-02 11:52 - 2019-11-24 15:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-11-02 05:00 - 2020-04-15 07:47 - 002905128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2023-11-02 05:00 - 2020-04-15 07:47 - 002235944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2023-11-02 05:00 - 2020-04-15 07:47 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2023-11-02 04:33 - 2020-12-06 16:02 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2023-11-02 04:33 - 2020-12-06 16:02 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2023-10-31 08:09 - 2021-07-28 19:09 - 000000000 ____D C:\ProgramData\BDLogging
2023-10-30 22:08 - 2022-05-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-10-30 22:08 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-30 22:08 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-10-30 22:08 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\cs
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-30 22:08 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-30 22:08 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-10-30 20:31 - 2022-10-06 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2023-10-30 17:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-10-30 17:48 - 2019-11-22 23:32 - 000000000 ____D C:\ProgramData\Packages
2023-10-30 17:43 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-30 17:42 - 2022-05-07 11:14 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-30 17:42 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-30 17:42 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-30 17:38 - 2023-01-01 23:59 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-30 17:29 - 2020-10-01 20:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-30 09:20 - 2021-06-17 20:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-10-29 16:45 - 2021-02-16 09:24 - 000000000 ____D C:\Users\janbu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-10-29 16:43 - 2023-01-02 00:04 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-29 16:43 - 2023-01-02 00:04 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-29 16:42 - 2023-01-02 00:04 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1154824287-3224380686-19161708-1001
2023-10-29 16:42 - 2023-01-02 00:04 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-10-29 16:42 - 2021-05-04 22:25 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-29 16:41 - 2019-11-24 13:40 - 000000000 ____D C:\Users\janbu\AppData\Local\Steam
2023-10-22 18:01 - 2023-01-02 00:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-10-22 18:01 - 2022-10-15 11:36 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-22 18:01 - 2022-10-15 11:36 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-10-17 16:46 - 2021-08-26 16:29 - 000000000 ____D C:\Users\janbu\AppData\Local\TortoiseGit
2023-10-16 15:22 - 2023-01-02 00:04 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-10-16 15:22 - 2019-11-24 21:54 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-10-15 20:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-15 11:39 - 2019-12-06 23:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-15 11:30 - 2019-12-06 23:06 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2020-02-10 22:10 - 2020-02-10 22:11 - 000000055 _____ () C:\Users\janbu\AppData\Roaming\~SiMPLEX.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Addition.zip
(26 KiB) Downloaded 24 times

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Suspected attack on PC

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Suspected attack on PC

#3 Post by JaRon »

hi,
quote:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code:

Start
CloseProcesses:
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Policies\system: [] 
ShortcutTarget: mcicda.lnk -> E:\Download\qBitTorrent\Party.Animals.Deluxe.Edition\Crack\Setup.exe (No File)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04b7b24c-2fe7-4377-bd9d-ff09ee6f27a4} - no filepath. <==== ATTENTION
Task: {1498164c-4eb0-4e86-b57f-fb21b820fc65} - no filepath. <==== ATTENTION
Task: {1b22228e-eac5-4e2e-b64a-c63d8cd72413} - no filepath. <==== ATTENTION
Task: {1e42dde3-0e8d-4a7e-ae05-36e7d46e38df} - no filepath. <==== ATTENTION
Task: {1f3fbb4d-8e8f-4b4b-be41-fc95905f3a06} - no filepath. <==== ATTENTION
Task: {226d7d5d-3dae-4c2b-b26d-50d75b401d37} - no filepath. <==== ATTENTION
Task: {287bb4e2-3b3c-431b-a886-0c0daa6edd6e} - no filepath. <==== ATTENTION
Task: {292ccf24-bc7d-43e3-bb68-3d86542903d4} - no filepath. <==== ATTENTION
Task: {33b84a1c-9b06-4a9f-aa4a-ee2983fde2cd} - no filepath. <==== ATTENTION
Task: {3afe6420-c6a8-4a9d-907d-24617f94211e} - no filepath. <==== ATTENTION
Task: {3c1930a8-c08e-415b-9d58-713ce930d61f} - no filepath. <==== ATTENTION
Task: {4172f89f-9272-466e-9a88-b85bf27e37a1} - no filepath. <==== ATTENTION
Task: {50e68116-9ed2-4400-8475-05b4b719d8b8} - no filepath. <==== ATTENTION
Task: {582af7eb-cfdf-4cf8-afaa-138b4fdf3555} - no filepath. <==== ATTENTION
Task: {5ab95abf-c172-468b-96f3-b9566dfcce3a} - no filepath. <==== ATTENTION
Task: {7a2ea8fe-73ee-4d4f-9277-2f739ff51e98} - no filepath. <==== ATTENTION
Task: {7f6148f5-648a-4a35-8857-f5845988c238} - no filepath. <==== ATTENTION
Task: {80b7d36d-5797-46b1-b769-caac239aeece} - no filepath. <==== ATTENTION
Task: {8cc906bb-c27e-42ed-ab5c-b3aef61c67d3} - no filepath. <==== ATTENTION
Task: {912efb06-30b4-4dfe-a2ae-276795e18a2a} - no filepath. <==== ATTENTION
Task: {92727585-2367-4c9a-879e-d4ffef8cb19a} - no filepath. <==== ATTENTION
Task: {92a2ff86-f506-4dd7-912f-ce3b5f49a0ef} - no filepath. <==== ATTENTION
Task: {95aa4cbd-79a6-4a43-b4aa-3cdbb9532ee6} - no filepath. <==== ATTENTION
Task: {9c136c20-e3c4-48a7-bf5a-16fb00d27f8f} - no filepath. <==== ATTENTION
Task: {9ebbfa46-120c-48cf-8d25-593b5ec8511b} - no filepath. <==== ATTENTION
Task: {a3d5225f-1f5c-46a0-98a0-e017456eb978} - no filepath. <==== ATTENTION
Task: {af7b2790-dc69-42dd-b837-a82d660eb674} - no filepath. <==== ATTENTION
Task: {b42b68b1-0d73-4bf9-8f78-6ca335f6b4e0} - no filepath. <==== ATTENTION
Task: {b6ba0234-ce4a-4eab-bb1a-e710239fb393} - no filepath. <==== ATTENTION
Task: {ba1cf534-d378-4113-96b3-246fed1e830e} - no filepath. <==== ATTENTION
Task: {bcf51edc-3c02-4d44-a22a-2a6113dd4011} - no filepath. <==== ATTENTION
Task: {bd3fbf7f-7f1a-4c64-ad9b-2e31769847bc} - no filepath. <==== ATTENTION
Task: {c477e763-82ac-4f98-bb3f-1e2cf175f32c} - no filepath. <==== ATTENTION
Task: {c4b85f97-9a9e-420d-933b-149de53a9d1d} - no filepath. <==== ATTENTION
Task: {c879b86a-a2ae-4f52-8573-a6e0c926c973} - no filepath. <==== ATTENTION
Task: {cd5b2c0a-095e-48ff-8814-54e07b4502dd} - no filepath. <==== ATTENTION
Task: {d6dbb27d-58c4-4021-b661-2ddbdf4a35c3} - no filepath. <==== ATTENTION
Task: {da12e2bc-2a03-4fd5-a820-6649abb5528e} - no filepath. <==== ATTENTION
Task: {ec25a500-1ff6-4b01-9b46-6dfc37ea6f38} - no filepath. <==== ATTENTION
Task: {ef3a3193-4f12-475f-9293-c8284914e485} - no filepath. <==== ATTENTION
Task: {f481f2a5-8282-4ab1-b8fc-8a90e3f75f21} - no filepath. <==== ATTENTION
Task: {f72b3314-b989-41b3-86ad-47d19f5ded9d} - no filepath. <==== ATTENTION
Task: {f7d0cf64-0ebc-47b4-a939-c78c8c1d30b3} - no filepath. <==== ATTENTION
Task: {f8554d5e-a24d-4134-ba65-19105b9326e9} - no filepath. <==== ATTENTION
Task: {fbd338ae-4be5-4a7b-b274-462bc902bd13} - no filepath. <==== ATTENTION
Task: {ffa5b55e-ee54-4cff-a678-98a51824642f} - no filepath. <==== ATTENTION
Task: {2C9A54BA-6E62-4643-ABFB-161BFA120F51} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (No File)
Task: {61F1ADF9-BEC2-441B-8662-AE56A13D5337} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (No File)
Task: {57710C15-CCF4-4938-8DE0-B9D6943307F2} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {55E122FB-0D95-4BF7-A13E-72793D47D40F} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (No File)
Task: {434520B7-C982-43B4-AF10-DB43F4B28727} - System32\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:a4b34748-6f95-4175-ba4c-69f882eb0fe7
Task: {DA6CFF38-4E7E-4E61-BCC0-68ECB26D1475} - System32\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:eb5a5233-86a1-4bd3-9390-a25c86076527
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
S1 EneIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]



EmptyTemp:
Reboot:
End
•Save the created TXT file as fixlist.txt
•Move the created fixlist next to FRST

→ Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

johny231
Visitor
Posts: 14
Registered: 20 Nov 2013 14:17

Re: Suspected attack on PC

#4 Post by johny231 »

Rudy wrote: 09 Nov 2023 09:29 Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-09-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.2506)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1936 octets] - [08/11/2023 22:15:45]
AdwCleaner[C00].txt - [1958 octets] - [08/11/2023 22:16:08]
AdwCleaner[S01].txt - [1542 octets] - [08/11/2023 22:17:28]
AdwCleaner[C01].txt - [1732 octets] - [08/11/2023 22:17:44]
AdwCleaner[S02].txt - [1889 octets] - [08/11/2023 22:30:28]
AdwCleaner[C02].txt - [2005 octets] - [08/11/2023 22:30:39]
AdwCleaner[S03].txt - [1786 octets] - [08/11/2023 22:31:15]
AdwCleaner[S04].txt - [2072 octets] - [08/11/2023 22:32:27]
AdwCleaner[C04].txt - [2188 octets] - [08/11/2023 22:33:18]
AdwCleaner[S05].txt - [1969 octets] - [09/11/2023 10:06:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########
JaRon wrote: 09 Nov 2023 09:30 hi,
quote:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code:

...
•Save the created TXT file as fixlist.txt
•Move the created fixlist next to FRST

→ Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by janbu (09-11-2023 10:09:40) Run:1
Running from E:\Download\Chrome
Loaded Profiles: janbu
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [136]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Policies\system: []
ShortcutTarget: mcicda.lnk -> E:\Download\qBitTorrent\Party.Animals.Deluxe.Edition\Crack\Setup.exe (No File)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04b7b24c-2fe7-4377-bd9d-ff09ee6f27a4} - no filepath. <==== ATTENTION
Task: {1498164c-4eb0-4e86-b57f-fb21b820fc65} - no filepath. <==== ATTENTION
Task: {1b22228e-eac5-4e2e-b64a-c63d8cd72413} - no filepath. <==== ATTENTION
Task: {1e42dde3-0e8d-4a7e-ae05-36e7d46e38df} - no filepath. <==== ATTENTION
Task: {1f3fbb4d-8e8f-4b4b-be41-fc95905f3a06} - no filepath. <==== ATTENTION
Task: {226d7d5d-3dae-4c2b-b26d-50d75b401d37} - no filepath. <==== ATTENTION
Task: {287bb4e2-3b3c-431b-a886-0c0daa6edd6e} - no filepath. <==== ATTENTION
Task: {292ccf24-bc7d-43e3-bb68-3d86542903d4} - no filepath. <==== ATTENTION
Task: {33b84a1c-9b06-4a9f-aa4a-ee2983fde2cd} - no filepath. <==== ATTENTION
Task: {3afe6420-c6a8-4a9d-907d-24617f94211e} - no filepath. <==== ATTENTION
Task: {3c1930a8-c08e-415b-9d58-713ce930d61f} - no filepath. <==== ATTENTION
Task: {4172f89f-9272-466e-9a88-b85bf27e37a1} - no filepath. <==== ATTENTION
Task: {50e68116-9ed2-4400-8475-05b4b719d8b8} - no filepath. <==== ATTENTION
Task: {582af7eb-cfdf-4cf8-afaa-138b4fdf3555} - no filepath. <==== ATTENTION
Task: {5ab95abf-c172-468b-96f3-b9566dfcce3a} - no filepath. <==== ATTENTION
Task: {7a2ea8fe-73ee-4d4f-9277-2f739ff51e98} - no filepath. <==== ATTENTION
Task: {7f6148f5-648a-4a35-8857-f5845988c238} - no filepath. <==== ATTENTION
Task: {80b7d36d-5797-46b1-b769-caac239aeece} - no filepath. <==== ATTENTION
Task: {8cc906bb-c27e-42ed-ab5c-b3aef61c67d3} - no filepath. <==== ATTENTION
Task: {912efb06-30b4-4dfe-a2ae-276795e18a2a} - no filepath. <==== ATTENTION
Task: {92727585-2367-4c9a-879e-d4ffef8cb19a} - no filepath. <==== ATTENTION
Task: {92a2ff86-f506-4dd7-912f-ce3b5f49a0ef} - no filepath. <==== ATTENTION
Task: {95aa4cbd-79a6-4a43-b4aa-3cdbb9532ee6} - no filepath. <==== ATTENTION
Task: {9c136c20-e3c4-48a7-bf5a-16fb00d27f8f} - no filepath. <==== ATTENTION
Task: {9ebbfa46-120c-48cf-8d25-593b5ec8511b} - no filepath. <==== ATTENTION
Task: {a3d5225f-1f5c-46a0-98a0-e017456eb978} - no filepath. <==== ATTENTION
Task: {af7b2790-dc69-42dd-b837-a82d660eb674} - no filepath. <==== ATTENTION
Task: {b42b68b1-0d73-4bf9-8f78-6ca335f6b4e0} - no filepath. <==== ATTENTION
Task: {b6ba0234-ce4a-4eab-bb1a-e710239fb393} - no filepath. <==== ATTENTION
Task: {ba1cf534-d378-4113-96b3-246fed1e830e} - no filepath. <==== ATTENTION
Task: {bcf51edc-3c02-4d44-a22a-2a6113dd4011} - no filepath. <==== ATTENTION
Task: {bd3fbf7f-7f1a-4c64-ad9b-2e31769847bc} - no filepath. <==== ATTENTION
Task: {c477e763-82ac-4f98-bb3f-1e2cf175f32c} - no filepath. <==== ATTENTION
Task: {c4b85f97-9a9e-420d-933b-149de53a9d1d} - no filepath. <==== ATTENTION
Task: {c879b86a-a2ae-4f52-8573-a6e0c926c973} - no filepath. <==== ATTENTION
Task: {cd5b2c0a-095e-48ff-8814-54e07b4502dd} - no filepath. <==== ATTENTION
Task: {d6dbb27d-58c4-4021-b661-2ddbdf4a35c3} - no filepath. <==== ATTENTION
Task: {da12e2bc-2a03-4fd5-a820-6649abb5528e} - no filepath. <==== ATTENTION
Task: {ec25a500-1ff6-4b01-9b46-6dfc37ea6f38} - no filepath. <==== ATTENTION
Task: {ef3a3193-4f12-475f-9293-c8284914e485} - no filepath. <==== ATTENTION
Task: {f481f2a5-8282-4ab1-b8fc-8a90e3f75f21} - no filepath. <==== ATTENTION
Task: {f72b3314-b989-41b3-86ad-47d19f5ded9d} - no filepath. <==== ATTENTION
Task: {f7d0cf64-0ebc-47b4-a939-c78c8c1d30b3} - no filepath. <==== ATTENTION
Task: {f8554d5e-a24d-4134-ba65-19105b9326e9} - no filepath. <==== ATTENTION
Task: {fbd338ae-4be5-4a7b-b274-462bc902bd13} - no filepath. <==== ATTENTION
Task: {ffa5b55e-ee54-4cff-a678-98a51824642f} - no filepath. <==== ATTENTION
Task: {2C9A54BA-6E62-4643-ABFB-161BFA120F51} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (No File)
Task: {61F1ADF9-BEC2-441B-8662-AE56A13D5337} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (No File)
Task: {57710C15-CCF4-4938-8DE0-B9D6943307F2} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {55E122FB-0D95-4BF7-A13E-72793D47D40F} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (No File)
Task: {434520B7-C982-43B4-AF10-DB43F4B28727} - System32\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:a4b34748-6f95-4175-ba4c-69f882eb0fe7
Task: {DA6CFF38-4E7E-4E61-BCC0-68ECB26D1475} - System32\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527 => E:\Programy\SUPERAntiSpyware\SASTask.exe -> "E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:eb5a5233-86a1-4bd3-9390-a25c86076527
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527.job => E:\Programy\SUPERAntiSpyware\SASTask.exe_E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
S1 EneIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S1 EneTechIo; \??\C:\WINDOWS\system32\drivers\ene.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]



EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
C:\ProgramData\TEMP => ":4FC01C57" ADS removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1154824287-3224380686-19161708-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-21-1154824287-3224380686-19161708-1001\...\Policies\system: []" => not found
"E:\Download\qBitTorrent\Party.Animals.Deluxe.Edition\Crack\Setup.exe" => not found

"C:\WINDOWS\system32\GroupPolicy\User" folder move:

C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04b7b24c-2fe7-4377-bd9d-ff09ee6f27a4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1498164c-4eb0-4e86-b57f-fb21b820fc65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1b22228e-eac5-4e2e-b64a-c63d8cd72413}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1e42dde3-0e8d-4a7e-ae05-36e7d46e38df}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1f3fbb4d-8e8f-4b4b-be41-fc95905f3a06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{226d7d5d-3dae-4c2b-b26d-50d75b401d37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{287bb4e2-3b3c-431b-a886-0c0daa6edd6e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{292ccf24-bc7d-43e3-bb68-3d86542903d4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33b84a1c-9b06-4a9f-aa4a-ee2983fde2cd}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3afe6420-c6a8-4a9d-907d-24617f94211e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3c1930a8-c08e-415b-9d58-713ce930d61f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4172f89f-9272-466e-9a88-b85bf27e37a1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50e68116-9ed2-4400-8475-05b4b719d8b8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{582af7eb-cfdf-4cf8-afaa-138b4fdf3555}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ab95abf-c172-468b-96f3-b9566dfcce3a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7a2ea8fe-73ee-4d4f-9277-2f739ff51e98}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7f6148f5-648a-4a35-8857-f5845988c238}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80b7d36d-5797-46b1-b769-caac239aeece}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8cc906bb-c27e-42ed-ab5c-b3aef61c67d3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912efb06-30b4-4dfe-a2ae-276795e18a2a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92727585-2367-4c9a-879e-d4ffef8cb19a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92a2ff86-f506-4dd7-912f-ce3b5f49a0ef}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95aa4cbd-79a6-4a43-b4aa-3cdbb9532ee6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9c136c20-e3c4-48a7-bf5a-16fb00d27f8f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ebbfa46-120c-48cf-8d25-593b5ec8511b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a3d5225f-1f5c-46a0-98a0-e017456eb978}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{af7b2790-dc69-42dd-b837-a82d660eb674}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b42b68b1-0d73-4bf9-8f78-6ca335f6b4e0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b6ba0234-ce4a-4eab-bb1a-e710239fb393}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ba1cf534-d378-4113-96b3-246fed1e830e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bcf51edc-3c02-4d44-a22a-2a6113dd4011}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bd3fbf7f-7f1a-4c64-ad9b-2e31769847bc}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c477e763-82ac-4f98-bb3f-1e2cf175f32c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c4b85f97-9a9e-420d-933b-149de53a9d1d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c879b86a-a2ae-4f52-8573-a6e0c926c973}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{cd5b2c0a-095e-48ff-8814-54e07b4502dd}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d6dbb27d-58c4-4021-b661-2ddbdf4a35c3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da12e2bc-2a03-4fd5-a820-6649abb5528e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ec25a500-1ff6-4b01-9b46-6dfc37ea6f38}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ef3a3193-4f12-475f-9293-c8284914e485}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f481f2a5-8282-4ab1-b8fc-8a90e3f75f21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f72b3314-b989-41b3-86ad-47d19f5ded9d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f7d0cf64-0ebc-47b4-a939-c78c8c1d30b3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f8554d5e-a24d-4134-ba65-19105b9326e9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fbd338ae-4be5-4a7b-b274-462bc902bd13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ffa5b55e-ee54-4cff-a678-98a51824642f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C9A54BA-6E62-4643-ABFB-161BFA120F51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9A54BA-6E62-4643-ABFB-161BFA120F51}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\AcPowerNotification => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\AcPowerNotification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{61F1ADF9-BEC2-441B-8662-AE56A13D5337}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61F1ADF9-BEC2-441B-8662-AE56A13D5337}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\ArmourySocketServer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ArmourySocketServer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57710C15-CCF4-4938-8DE0-B9D6943307F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57710C15-CCF4-4938-8DE0-B9D6943307F2}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55E122FB-0D95-4BF7-A13E-72793D47D40F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55E122FB-0D95-4BF7-A13E-72793D47D40F}" => removed successfully
C:\WINDOWS\System32\Tasks\avfree.migration => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avfree.migration" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{434520B7-C982-43B4-AF10-DB43F4B28727}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{434520B7-C982-43B4-AF10-DB43F4B28727}" => removed successfully
C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA6CFF38-4E7E-4E61-BCC0-68ECB26D1475}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA6CFF38-4E7E-4E61-BCC0-68ECB26D1475}" => removed successfully
C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527" => removed successfully
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4b34748-6f95-4175-ba4c-69f882eb0fe7.job => moved successfully
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task eb5a5233-86a1-4bd3-9390-a25c86076527.job => moved successfully
HKLM\System\CurrentControlSet\Services\EneIo => removed successfully
EneIo => service removed successfully
HKLM\System\CurrentControlSet\Services\EneTechIo => removed successfully
EneTechIo => service removed successfully
HKLM\System\CurrentControlSet\Services\WinSetupMon => removed successfully
WinSetupMon => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12729656 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1325049645 B
Windows/system/drivers => 3238796 B
Edge => 0 B
Chrome => 438905564 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 47032 B
NetworkService => 47032 B
janbu => 27175152 B
SQLTELEMETRY => 27175152 B
MSSQLSERVER => 27175152 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:10:09 ====

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Suspected attack on PC

#5 Post by JaRon »

the computer should be clean :)

johny231
Visitor
Posts: 14
Registered: 20 Nov 2013 14:17

Re: Suspected attack on PC

#6 Post by johny231 »

Thank you very much.

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Suspected attack on PC

#7 Post by JaRon »

you're welcome :)

Rudy
Site Admin
Posts: 118278
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Suspected attack on PC

#8 Post by Rudy »

The ADWC log is OK as well. :)