
Please check my log, I can't find the infection.

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

#1 Post by Jeff Scylla »

Please check my log. I carelessly opened a *.jpg from someone else's flash drive, and the carelessness came back to bite me. Chrome seems to start by itself in the background, and its window is duplicated on the taskbar. The falsely started one cannot be brought up, but it can apparently be closed. When I start it (I usually have quite a lot open), it sometimes seems to reload everything: empty windows all flash on the screen and it drops to the taskbar. At intervals, 2x-4x in roughly 5 minutes, the computer takes over activity on its own, which looks as if you had quickly pressed Alt/Tab; suddenly the active application is simply out of focus. For example, right now as I am writing I have to click into the window several times to actually be typing, because it simply switches to nothing. I have no idea what is actually happening. Defender found nothing, and any attempt at an online scan ends, with all of them, with the claim that I am not connected to the internet, although I am and everything else works. The internet connection fluctuates a bit and above all the ping is pretty poor, sometimes as much as 2500 ms :) but with my DSL connection at the end of the world that is not much of a surprise, although I think it should at least be more stable. While submitting this post it switched on me (i.e. the window was inactive) 7 times. Unfortunately I do not have the *.jpg in question, but it has been happening exactly since then.

.
.
----------- Inline Hook Scanner --------[3.9]---
Written by Diallix (C)
www.diallix.net
------------------------------------------------
.
.
...[Time/Date]: 14:5/3.11 2022
...[Running as Admin.]: Yes
.
.
=== Running Executable objects and their loaded modules ===


C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\D3DCOMPILER_47.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5WinExtras.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\IndexExcludeProxyModel.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\UniversalKey.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5RemoteObjects.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QmlModels.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
C:\WINDOWS\SYSTEM32\UMPDC.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\platforms\qwindows.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\styles\qwindowsvistastyle.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ActionUi.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\Actions.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\AmbidexterityController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\AssociatedProgramInfo.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\BatteryInfoProxy.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\BrightnessController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\CombinedManifests.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\CueInputEmulation.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\DeviceManager.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\DeviceProxy.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\DeviceSettings.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\DialStateController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\DialZoneBrightnessController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\EventListeners.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MacroRecording.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\FallbackManifest.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\HardwareLayoutController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\HostOperatingSystemController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\LegacyEnumerator.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\LegacyLightings.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\LegacyModels.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\LegacyProfiles.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestBuilder.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestRegistry.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\ManifestSharedResources.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\MappingsActualizer.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\Profiles.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\PropertyActualizerStorage.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\modules\WinlockStateController.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qico.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qgif.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qicns.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qjpeg.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qsvg.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Svg.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtga.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qtiff.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwbmp.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\imageformats\qwebp.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\sqldrivers\qsqlite.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick.2\qtquick2plugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5QmlWorkerScript.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Window.2\windowplugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtQuick\Layouts\qquicklayoutsplugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libEGL.DLL
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libGLESv2.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\nvldumd.dll
C:\WINDOWS\SYSTEM32\drvstore.dll
C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\nvwgf2um.dll
C:\WINDOWS\SYSTEM32\dxcore.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\X86\MpOav.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\plugins\ASUS\asus_plugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\plugins\Lenovo\CUEPlugin.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.2251_none_d9513b1fe1046fc7\gdiplus.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\plugins\LenovoY750s\y750splugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\plugins\OriginPC\CUEOPCPlugin.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll

C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\dumpwriter.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\dbghelp.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\KvrtGui.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Qt5Core.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\MSVCP140.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\VCRUNTIME140.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Qt5Widgets.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Qt5Gui.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\platforms\qwindows.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qgif.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qicns.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qico.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qjpeg.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qtga.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qtiff.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qwbmp.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\plugins\imageformats\qwebp.dll
C:\WINDOWS\SYSTEM32\textinputframework.dll
C:\WINDOWS\System32\CoreUIComponents.dll
C:\WINDOWS\System32\CoreMessaging.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\app_core.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\instrumental_services.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\dblite.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\key_value_storage.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\crypto_components_meta.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\app_core_meta.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\ksn_meta.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\storage.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\ksn_facade.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\sys_critical_obj.dll.15870ca4e4acf60690f114f8bda721fd_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\crypto_components.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\crypto_ssl_1_1.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\uds.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\avengine.dll.3f0415fac092db9820bf875d8507a68b_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\kavbase.kdl.d1fb224d14b168546a97638054851b82_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\klavemu.kdl.7ba4b571e19461409ed8d30c53f11be5_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\kjim.kdl.c8db75a0894b13545398ce6a65dd26b9_0
C:\WINDOWS\SYSTEM32\UMPDC.dll
C:\WINDOWS\System32\msdelta.dll
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\mark.kdl.e4eec710e6e9470b1a57482165eb0814_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\arkmon.kdl.dd82b16ab8c750d3bc3432939f4b7a25_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\qscan.kdl.839521cac3a8a20033c299a07ae94a47_0
C:\Users\HELLBO~1\AppData\Local\Temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\Bases\Cache\kavsys.kdl.6ab77d27b0822d55fc1178c0808f9e69_0
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\comctl32.dll
C:\WINDOWS\System32\CldApi.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\X86\MpOav.dll
C:\Windows\System32\BitsProxy.dll

C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\WINDOWS\SYSTEM32\NCObjAPI.DLL
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\SYSTEM32\amsi.dll
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\X86\MpOav.dll
C:\WINDOWS\System32\delegatorprovider.dll
C:\WINDOWS\SYSTEM32\storagewmi_passthru.dll

D:\D\2022- aJeS\inlinehookscanner.exe
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.1110_none_c0da534e38c01f4d\COMCTL32.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\WINDOWS\SYSTEM32\Wldp.dll
.
.
[Total scanned objects]: 1780.
.
.
[EOF]

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check the log, I cannot find the infection.

#2 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check the log, I cannot find the infection.

#3 Post by Jeff Scylla »

I paid for Norton for 5 years and consider it the best antivirus solution; unfortunately, the prices then rose beyond what I could afford. And the same thing happens here too. After it is launched, access to the internet gets blocked. It did not even let it scan the system. Yesterday I let a Kaspersky scan run; it found two Trojans, but nothing changed after the restart. Is it possible to run something that would monitor what happens after the antivirus is launched?

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check the log, I cannot find the infection.

#4 Post by JaRon »

The first step when visiting this forum is to post both FRST logs.

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check the log, I cannot find the infection.

#5 Post by Jeff Scylla »

I apologize; so should I post the FRST log again, as before?

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check the log, I cannot find the infection.

#6 Post by JaRon »

Both FRST logs are necessary for a thorough assessment of the state.

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check the log, I cannot find the infection.

#7 Post by Jeff Scylla »

FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by HELLBOX-i7 (administrator) on HELLBOX-I7-PC (Micro-Star International Co., Ltd. MS-7B17) (04-12-2022 12:47:35)
Running from D:\D\2022- aJeS
Loaded Profiles: HELLBOX-i7 & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\HELLBOX-i7\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <5>
(C:\Program Files (x86)\GlassWire\GWCtlSrv.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe <50>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (3 APPES Ltd.) [File not signed] C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe
(explorer.exe ->) (AB Team d. o. o. -> AB Team) C:\Program Files (x86)\BSPlayer\bsplayer.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (TCB Networks -> ) F:\Program Files (x86)\StrokeIt\strokeit.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Corel Corporation -> Corel Corporation) C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.10271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.10271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2180_none_7e328fe47c714aab\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [StrokeIt] => F:\Program Files (x86)\StrokeIt\strokeit.exe [24712 2009-06-16] (TCB Networks -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [SoundLock] => C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe [605184 2012-05-28] (3 APPES Ltd.) [File not signed]
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32703440 2022-11-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Google Update] => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe [1403880 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Task Manager Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe [1085944 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-11-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LogMessager2022] => C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe [5606064 2022-11-06] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [BlueStacks_bgp64] => C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack\DiskCompactionTool.exe [1043840 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [AviraOE] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe [1104304 2017-06-29] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10554760 2022-11-13] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {40022121-105c-11ea-973d-806e6f6e6963} - "rundll32.exe" url,FileProtocolHandler index.html
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {93605704-ba78-11eb-93e5-dc7196456518} - "H:\DTLplus_Launcher.exe"
HKLM\...\Windows x64\Print Processors\Epson Laser01: C:\Windows\System32\spool\prtprocs\x64\EP0LPP01.DLL [41472 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-03-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FuzeTV.lnk [2021-06-30]
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00649874-8E50-4E19-9D62-14B786842DF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000UA => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {01CC0170-2A71-4B6E-A87C-79D5D5E81740} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000Core => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {070884B4-820A-47CC-94B9-F8B6A24E8CE1} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {093540A7-7E09-487C-8924-4333E03F7955} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0A3589E8-BE07-40A4-B41E-12EC007CAA9E} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615918871 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-16] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {198B651A-FF4E-4D77-8276-F13FEF181440} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {238F307D-357E-4B68-B0B2-B79F152BAE67} - System32\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {492400B1-914C-4795-87F5-C4306B4A1ECA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D60D4B0-0514-4588-A186-9BE288DFB7F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {566805D1-0A9C-4E64-B1C9-CDE327EF9C63} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {57D857CC-13E9-4072-9D35-889000FC137A} - System32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {5C965C75-9228-4B67-ACD3-CC305821E04B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6214B605-8FA9-424E-A32C-B94FF876B73D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {735B58B2-07FB-4400-A01B-B731BEDDF0CE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79897F47-9AF9-49C9-AC17-A8245B8C8B6E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8066F237-E75D-4F5C-8B5B-42D0F0BE1E69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin (No File)
Task: {89651C0F-E78B-42AF-8E06-A6A2D634FED6} - System32\Tasks\AdobeAAMUpdater-1.0-HELLBOX-i7-PC-HELLBOX-i7 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {91AB3C08-4A65-480A-A111-CC820C6921A4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9615EBDF-988E-4E9B-8690-1AEA9543CC0F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {99D05795-9A4D-475D-8516-4F1F604F498B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A1FB372-EC89-4679-A4FF-D725146ECEA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {A18105A5-015F-4C1B-A40E-800AC631B1BF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-09-17] () [File not signed]
Task: {A7F0F3B0-E41E-4219-880E-E98291C8B3EB} - System32\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B97A38AF-2D5E-477D-BA66-6B4F6B3CA3F8} - System32\Tasks\VideoStudioUpdater2020 => C:\Program Files\Corel\Corel VideoStudio 2020\VSNotification.exe [669320 2020-06-18] (Corel Corporation -> )
Task: {C1162D02-DADA-4965-8947-27ED8DA7C479} - System32\Tasks\Opera scheduled assistant Autoupdate 1582668930 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C1C7C06B-FFDF-453B-AE2E-526D62628285} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C318C822-F2CA-4A1B-B540-83BA624636A7} - System32\Tasks\Opera GX scheduled Autoupdate 1582841240 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-16] (Opera Norway AS -> Opera Software)
Task: {C641E526-ACDE-4CDE-B890-9AFFDB1A4291} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {D8EC91B9-D3C2-46E6-B815-5D11F0E0C176} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F451D1E3-CBDA-4944-AE2E-97E7EC7A0F09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {F5EC4F08-E7B8-4AFB-8C85-353233A5DB2E} - System32\Tasks\Opera scheduled Autoupdate 1582668926 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {F6A56407-085E-458C-A0AA-46FEC6BF2FE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F95089F2-2905-463D-BA30-BAD1DE1005A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD214FBF-14C3-4E64-820D-3120394ADA19} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-16] (Microsoft Corporation -> Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6073f01f-4650-4db8-b762-f40eaf0fad9c}: [DhcpNameServer] 10.41.0.1
Tcpip\..\Interfaces\{f07e9e9c-ce9a-4c2a-881e-f986d7d6bef1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\HELLBOX-i7\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HELLBOX-i7\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> C:\Users\HELLBOX-i7\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default [2022-12-04]
CHR DownloadDir: C:\Users\HELLBOX-i7
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cs.soringpcrepair.com; hxxps://en.savefrom.net; hxxps://message.alibaba.com; hxxps://mrak.pirati.cz; hxxps://www.facebook.com; hxxps://www.gfinityesports.com; hxxps://www2.push-news.org; hxxps://zulip.pirati.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.yessearches.com/?ts=AHEpA3YtAX4pC0..&uid=F875C13EBB2C40E3EBCD5911F97AEDA4&ptid=cos&mode=nnnb"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Audiotool) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2020-08-12]
CHR Extension: (Hudba Google Play) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-11-20]
CHR Extension: (Work Offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjdagaoojgeilcobhibkgbodajcojda [2021-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Eml Manager) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjpnegahhmlieielkpdoifigpdfnnkk [2020-08-12]
CHR Extension: ( Best VPN for Chrome by uVPN) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2021-12-10]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2022-06-01]
CHR Extension: (Sketchpad) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2020-08-12]
CHR Extension: (KML, KMZ Viewer with Drive) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbolhellljccdahaeelobbojpfdgjgco [2021-11-18]
CHR Extension: (Map of the Earth) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-08-12]
CHR Extension: (Norton Safe) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2020-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-08-12]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2020-08-12]
CHR Extension: (Privacy Badger) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2022-09-30]

Opera:
=======
OPR Profile: C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable [2022-12-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... tpsf=openc
OPR Extension: (Rich Hints Agent) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
StartMenuInternet: (HKU\S-1-5-21-469362532-771386427-3435094161-1000) Opera GXStable - "C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [605096 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-06] (Epic Games Inc. -> Epic Games, Inc.)
R2 Fluke Connect Patch Service; C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe [11776 2021-10-01] () [File not signed]
R2 Fluke Connect Sync Service; C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe [15872 2021-10-01] () [File not signed]
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7769992 2022-11-13] (GlassWire -> SecureMix LLC)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-11-07] (Logitech Inc -> Logitech, Inc.)
R2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269104 2018-05-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2021-02-24] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; F:\GAMEs\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60328 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-16] (Intel Corporation -> Intel Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
S3 ibtavflt; C:\WINDOWS\System32\drivers\ibtavflt.sys [32712 2014-07-25] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-07] (Logitech Inc -> Logitech)
R2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
R3 MpKsl9c2fa2b9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A23AD6D-39E8-4AE8-BBAD-26265E30828C}\MpKslDrv.sys [214280 2022-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1142; C:\WINDOWS\system32\Drivers\RDWM1142.SYS [212352 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-26] (WireGuard LLC -> WireGuard LLC)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 MpKsla53ebdcc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CEF6D32-A126-4DB1-A4CF-CF442C3EB066}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-04 12:47 - 2022-12-04 12:48 - 000000000 ____D C:\FRST
2022-12-04 10:53 - 2022-12-04 11:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NPE
2022-12-04 10:53 - 2022-12-04 10:53 - 000000000 ____D C:\ProgramData\Norton
2022-12-03 23:04 - 2022-12-04 12:46 - 1844010503 _____ C:\Users\HELLBOX-i7\Tulsa.King.S01E03 CZtit V OBRAZE 1080p.mkv
2022-12-03 13:02 - 2022-12-03 13:03 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-03 12:53 - 2022-12-03 12:53 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ESET
2022-12-03 12:49 - 2022-12-04 10:44 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\FSDART
2022-12-03 12:49 - 2022-12-03 12:51 - 000000000 ____D C:\ProgramData\F-Secure
2022-12-03 12:49 - 2022-12-03 12:49 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\F-Secure
2022-12-01 10:06 - 2022-12-01 10:06 - 000110568 _____ C:\Users\HELLBOX-i7\ExpensiveHi-Fi.wsz
2022-11-25 15:21 - 2022-11-25 15:21 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Hentai Empire
2022-11-23 11:11 - 2022-11-23 11:11 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Kotovodk Studio
2022-11-22 23:25 - 2022-11-22 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\SexChess
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Goldberg SteamEmu Saves
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\IR Studio
2022-11-21 17:25 - 2022-11-21 17:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\AdobeUM
2022-11-21 17:24 - 2022-11-21 17:24 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\My eBooks
2022-11-21 16:56 - 2022-11-13 13:23 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-21 16:56 - 2022-11-13 13:23 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001532424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001191936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000851480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000671792 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 002162688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 001618936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000738312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-21 16:55 - 2022-11-15 06:48 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 012453896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 010220552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005891080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005857280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005817336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 000458240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-21 16:55 - 2022-11-15 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-21 16:55 - 2022-11-15 06:45 - 006511856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-21 16:55 - 2022-11-13 13:23 - 000100633 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-20 08:11 - 2022-11-20 08:12 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\glasswire
2022-11-20 08:11 - 2022-11-20 08:11 - 000001977 _____ C:\Users\Public\Desktop\GlassWire.lnk
2022-11-20 08:11 - 2022-11-20 08:11 - 000000000 ____D C:\Program Files (x86)\GlassWire
2022-11-20 08:11 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2022-11-20 08:11 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2022-11-20 08:10 - 2022-11-20 08:11 - 000000000 ____D C:\ProgramData\glasswire
2022-11-20 07:39 - 2022-11-20 07:39 - 000000000 ___HD C:\$WinREAgent
2022-11-19 19:43 - 2022-11-19 19:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bravia
2022-11-18 20:48 - 2022-11-18 20:48 - 1747802533 _____ C:\WINDOWS\MEMORY.DMP
2022-11-18 20:48 - 2022-11-18 20:48 - 001910900 _____ C:\WINDOWS\Minidump\111822-9750-01.dmp
2022-11-16 22:55 - 2022-11-16 23:28 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\BoneTown.The.Second.Coming.Edition.v18.10.2021
2022-11-13 08:43 - 2022-11-13 12:43 - 000000000 ____D C:\Program Files\RUXIM
2022-11-12 13:05 - 2022-11-12 13:05 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-12 09:38 - 2022-11-12 09:38 - 000001402 _____ C:\Users\HELLBOX-i7\Desktop\Cyberpunk 2077.lnk
2022-11-11 23:58 - 2022-11-11 23:57 - 000006557 _____ C:\Users\HELLBOX-i7\Desktop\Fortnite.lnk
2022-11-11 23:15 - 2022-11-11 23:15 - 001427176 _____ (Google LLC) C:\Users\HELLBOX-i7\Downloads\ChromeSetup.exe
2022-11-11 12:04 - 2022-12-04 10:45 - 160694272 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-11-11 12:00 - 2022-11-11 12:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-11-07 11:40 - 2022-11-07 11:40 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\Program Files\LGHUB
2022-11-06 13:37 - 2022-12-04 10:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\imageclass
2022-11-06 13:37 - 2022-11-21 07:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack
2022-11-06 13:37 - 2022-11-06 13:37 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Canon

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-04 12:48 - 2022-05-07 09:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A
2022-12-04 12:46 - 2020-12-01 02:08 - 000000000 ____D C:\Users\HELLBOX-i7
2022-12-04 12:25 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-04 12:01 - 2020-02-25 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-04 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-04 11:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-04 11:05 - 2020-09-05 12:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-12-04 10:52 - 2020-12-01 08:43 - 001990828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-04 10:52 - 2019-12-07 15:43 - 000815054 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-04 10:52 - 2019-12-07 15:43 - 000189812 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-04 10:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-04 10:46 - 2022-10-03 16:22 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\LGHUB
2022-12-04 10:46 - 2022-10-02 17:14 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\LGHUB
2022-12-04 10:45 - 2022-08-15 10:47 - 000000000 ____D C:\Users\DefaultAppPool
2022-12-04 10:45 - 2022-08-11 18:50 - 000003148 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-12-04 10:45 - 2020-12-01 08:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-04 10:45 - 2020-06-10 06:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-04 10:45 - 2020-03-27 09:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-04 10:45 - 2020-03-07 16:39 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\CrashDumps
2022-12-04 10:45 - 2020-02-25 19:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-04 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-04 10:45 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-04 10:45 - 2019-11-30 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\Assassin's Creed Unity
2022-12-04 10:44 - 2020-12-01 08:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-04 10:44 - 2020-12-01 08:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-03 23:16 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-02 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-01 23:48 - 2020-08-06 19:09 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\uTorrent
2022-12-01 08:18 - 2020-02-25 20:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\D3DSCache
2022-11-30 08:37 - 2020-03-28 13:50 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ElevatedDiagnostics
2022-11-29 19:46 - 2020-06-23 10:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Winamp
2022-11-29 00:41 - 2022-09-28 15:08 - 000000000 ____D C:\b
2022-11-28 11:34 - 2020-12-01 08:46 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1582668926
2022-11-28 11:34 - 2020-02-25 23:15 - 000001539 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-26 00:38 - 2021-10-07 22:43 - 000000000 ____D C:\a
2022-11-24 09:10 - 2021-10-30 22:22 - 000005388 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000004287 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000003574 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000001432 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2022-11-23 13:21 - 2020-12-01 08:46 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1582841240
2022-11-23 13:21 - 2020-02-27 23:07 - 000001568 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2022-11-22 23:25 - 2020-03-03 19:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\UnrealEngine
2022-11-22 23:05 - 2022-05-22 22:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\DefaultCompany
2022-11-21 17:25 - 2020-05-24 09:40 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Adobe
2022-11-21 17:24 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Adobe
2022-11-21 17:04 - 2020-02-26 23:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NVIDIA
2022-11-21 17:04 - 2020-02-25 18:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-21 16:58 - 2020-12-01 08:46 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-02-26 23:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-21 16:57 - 2020-02-25 19:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-20 08:11 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-20 08:11 - 2019-11-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\06-SYSTEM TOOLs
2022-11-20 07:57 - 2021-12-04 09:34 - 000002624 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2022-11-20 07:57 - 2021-12-04 09:34 - 000002587 _____ C:\Users\HELLBOX-i7\Desktop\Google Chrome Canary.lnk
2022-11-20 07:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-18 20:49 - 2020-12-01 08:40 - 000819600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-18 20:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-18 20:48 - 2021-06-02 06:47 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-16 23:29 - 2020-12-01 17:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\vlc
2022-11-15 06:45 - 2020-10-09 18:22 - 007643384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-11-13 13:23 - 2020-10-09 18:22 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-11-13 13:23 - 2020-02-26 23:10 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-11-13 13:23 - 2020-02-26 23:09 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-11-12 13:05 - 2020-12-01 08:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-12 13:05 - 2019-11-25 11:23 - 000415688 __RSH C:\bootmgr
2022-11-11 21:28 - 2020-07-26 14:57 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\system32\cs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\Services
2022-11-11 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-11 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-11-10 22:33 - 2020-02-25 19:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 15:50 - 2020-02-26 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 15:47 - 2020-02-26 00:30 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 07:41 - 2020-12-01 08:46 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-08 07:41 - 2020-12-01 08:46 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 18:32 - 2020-02-25 19:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\PlaceholderTileLogoFolder
2022-11-06 18:32 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-09-04 07:37 - 2021-09-04 07:37 - 001429243 _____ (PolySoft Solutions ) C:\Users\HELLBOX-i7\FreeFLACToMP3Converter.exe
2020-10-11 12:27 - 2022-09-29 16:57 - 000011861 _____ () C:\Program Files (x86)\unins000.dat
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
2020-08-31 16:34 - 2020-09-07 18:47 - 000000799 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\HELLBOX-I7-PC.MTBF.txt
2021-10-30 22:22 - 2022-11-24 09:10 - 000003574 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000005388 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000001432 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000004287 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-02-20 16:40 - 2022-02-21 16:42 - 000005632 _____ () C:\Users\HELLBOX-i7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-31 15:39 - 2020-08-31 15:39 - 000000098 _____ () C:\Users\HELLBOX-i7\AppData\Local\fusioncache.dat
2020-09-05 11:58 - 2020-09-05 11:58 - 000000410 _____ () C:\Users\HELLBOX-i7\AppData\Local\oobelibMkey.log
2020-08-17 18:12 - 2020-08-17 18:12 - 000000017 _____ () C:\Users\HELLBOX-i7\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check my log, I cannot find the infection.

#8 Post by Jeff Scylla »

Additional.txt
Attachments
Addition.zip
(38.83 KiB) Downloaded 28 times

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I cannot find the infection.

#9 Post by JaRon »

Description: Intel(R) Wireless-AC 9462 : Bylo zjištěno, že síťový adaptér nepracuje správně.
To start with, check the driver and reinstall it if necessary.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check my log, I cannot find the infection.

#10 Post by Jeff Scylla »

Thanks, I updated it. However, it has just occurred to me that it may be because the onboard network card is burnt out (during a storm a surge came in over the data cable, fried the modem and took out the network card as well), but it works over WiFi. I freed up some space on the disk, but not even the Norton online scan can manage it; it does not connect after launch, just as FRST64 is not let through to the cloud. Basically, as soon as something tries to look something up online, it gets blocked and the network is switched off. I made the log again.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by HELLBOX-i7 (administrator) on HELLBOX-I7-PC (Micro-Star International Co., Ltd. MS-7B17) (04-12-2022 16:54:13)
Running from D:\D\2022- aJeS
Loaded Profiles: HELLBOX-i7 & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\HELLBOX-i7\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\GlassWire\GWCtlSrv.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe <21>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (3 APPES Ltd.) [File not signed] C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe
(explorer.exe ->) (AB Team d. o. o. -> AB Team) C:\Program Files (x86)\BSPlayer\bsplayer.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (TCB Networks -> ) F:\Program Files (x86)\StrokeIt\strokeit.exe
(Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [StrokeIt] => F:\Program Files (x86)\StrokeIt\strokeit.exe [24712 2009-06-16] (TCB Networks -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [SoundLock] => C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe [605184 2012-05-28] (3 APPES Ltd.) [File not signed]
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32703440 2022-11-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Google Update] => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe [1403880 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Task Manager Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe [1085944 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-11-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LogMessager2022] => C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe [5606064 2022-11-06] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [BlueStacks_bgp64] => C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack\DiskCompactionTool.exe [1043840 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [AviraOE] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe [1104304 2017-06-29] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10554760 2022-11-13] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {40022121-105c-11ea-973d-806e6f6e6963} - "rundll32.exe" url,FileProtocolHandler index.html
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {93605704-ba78-11eb-93e5-dc7196456518} - "H:\DTLplus_Launcher.exe"
HKLM\...\Windows x64\Print Processors\Epson Laser01: C:\Windows\System32\spool\prtprocs\x64\EP0LPP01.DLL [41472 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-03-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FuzeTV.lnk [2021-06-30]
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00649874-8E50-4E19-9D62-14B786842DF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000UA => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {01CC0170-2A71-4B6E-A87C-79D5D5E81740} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000Core => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {093540A7-7E09-487C-8924-4333E03F7955} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0A3589E8-BE07-40A4-B41E-12EC007CAA9E} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615918871 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-16] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {198B651A-FF4E-4D77-8276-F13FEF181440} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {238F307D-357E-4B68-B0B2-B79F152BAE67} - System32\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {492400B1-914C-4795-87F5-C4306B4A1ECA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D60D4B0-0514-4588-A186-9BE288DFB7F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F1EB428-273A-4FF6-A8FF-DEEF9919BB35} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {566805D1-0A9C-4E64-B1C9-CDE327EF9C63} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5C965C75-9228-4B67-ACD3-CC305821E04B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6214B605-8FA9-424E-A32C-B94FF876B73D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {735B58B2-07FB-4400-A01B-B731BEDDF0CE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79897F47-9AF9-49C9-AC17-A8245B8C8B6E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8066F237-E75D-4F5C-8B5B-42D0F0BE1E69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin (No File)
Task: {89651C0F-E78B-42AF-8E06-A6A2D634FED6} - System32\Tasks\AdobeAAMUpdater-1.0-HELLBOX-i7-PC-HELLBOX-i7 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {91AB3C08-4A65-480A-A111-CC820C6921A4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9615EBDF-988E-4E9B-8690-1AEA9543CC0F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {99D05795-9A4D-475D-8516-4F1F604F498B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A1FB372-EC89-4679-A4FF-D725146ECEA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {A18105A5-015F-4C1B-A40E-800AC631B1BF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-09-17] () [File not signed]
Task: {A7F0F3B0-E41E-4219-880E-E98291C8B3EB} - System32\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B97A38AF-2D5E-477D-BA66-6B4F6B3CA3F8} - System32\Tasks\VideoStudioUpdater2020 => C:\Program Files\Corel\Corel VideoStudio 2020\VSNotification.exe [669320 2020-06-18] (Corel Corporation -> )
Task: {C1162D02-DADA-4965-8947-27ED8DA7C479} - System32\Tasks\Opera scheduled assistant Autoupdate 1582668930 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C1C7C06B-FFDF-453B-AE2E-526D62628285} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C318C822-F2CA-4A1B-B540-83BA624636A7} - System32\Tasks\Opera GX scheduled Autoupdate 1582841240 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-16] (Opera Norway AS -> Opera Software)
Task: {C641E526-ACDE-4CDE-B890-9AFFDB1A4291} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {C6C3BD39-E6F4-477B-9D9E-07377A89F1AF} - System32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {D8EC91B9-D3C2-46E6-B815-5D11F0E0C176} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F451D1E3-CBDA-4944-AE2E-97E7EC7A0F09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {F5EC4F08-E7B8-4AFB-8C85-353233A5DB2E} - System32\Tasks\Opera scheduled Autoupdate 1582668926 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {F6A56407-085E-458C-A0AA-46FEC6BF2FE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F95089F2-2905-463D-BA30-BAD1DE1005A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD214FBF-14C3-4E64-820D-3120394ADA19} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-16] (Microsoft Corporation -> Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6073f01f-4650-4db8-b762-f40eaf0fad9c}: [DhcpNameServer] 10.41.0.1
Tcpip\..\Interfaces\{f07e9e9c-ce9a-4c2a-881e-f986d7d6bef1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\HELLBOX-i7\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HELLBOX-i7\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> C:\Users\HELLBOX-i7\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default [2022-12-04]
CHR DownloadDir: C:\Users\HELLBOX-i7
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cs.soringpcrepair.com; hxxps://en.savefrom.net; hxxps://message.alibaba.com; hxxps://mrak.pirati.cz; hxxps://www.facebook.com; hxxps://www.gfinityesports.com; hxxps://www2.push-news.org; hxxps://zulip.pirati.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.yessearches.com/?ts=AHEpA3YtAX4pC0..&uid=F875C13EBB2C40E3EBCD5911F97AEDA4&ptid=cos&mode=nnnb"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Audiotool) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2020-08-12]
CHR Extension: (Hudba Google Play) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-11-20]
CHR Extension: (Work Offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjdagaoojgeilcobhibkgbodajcojda [2021-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Eml Manager) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjpnegahhmlieielkpdoifigpdfnnkk [2020-08-12]
CHR Extension: ( Best VPN for Chrome by uVPN) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2021-12-10]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2022-06-01]
CHR Extension: (Sketchpad) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2020-08-12]
CHR Extension: (KML, KMZ Viewer with Drive) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbolhellljccdahaeelobbojpfdgjgco [2021-11-18]
CHR Extension: (Map of the Earth) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-08-12]
CHR Extension: (Norton Safe) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2020-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-08-12]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2020-08-12]
CHR Extension: (Privacy Badger) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2022-09-30]

Opera:
=======
OPR Profile: C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable [2022-12-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... tpsf=openc
OPR Extension: (Rich Hints Agent) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
StartMenuInternet: (HKU\S-1-5-21-469362532-771386427-3435094161-1000) Opera GXStable - "C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [605096 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-06] (Epic Games Inc. -> Epic Games, Inc.)
R2 Fluke Connect Patch Service; C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe [11776 2021-10-01] () [File not signed]
R2 Fluke Connect Sync Service; C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe [15872 2021-10-01] () [File not signed]
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7769992 2022-11-13] (GlassWire -> SecureMix LLC)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-11-07] (Logitech Inc -> Logitech, Inc.)
R2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269104 2018-05-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2021-02-24] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; F:\GAMEs\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60328 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-16] (Intel Corporation -> Intel Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
S3 ibtavflt; C:\WINDOWS\System32\drivers\ibtavflt.sys [32712 2014-07-25] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-07] (Logitech Inc -> Logitech)
R2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
R3 MpKsl8f241cb3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A23AD6D-39E8-4AE8-BBAD-26265E30828C}\MpKslDrv.sys [214280 2022-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1142; C:\WINDOWS\system32\Drivers\RDWM1142.SYS [212352 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-26] (WireGuard LLC -> WireGuard LLC)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-04 16:53 - 2022-12-04 16:53 - 000270672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_c634f2e7a_mark.sys
2022-12-04 16:52 - 2022-12-04 16:52 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\c634f2e7.sys
2022-12-04 15:25 - 2022-10-19 02:28 - 008817264 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2022-12-04 15:25 - 2022-10-19 02:28 - 002686148 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2022-12-04 15:25 - 2022-10-19 02:28 - 001677376 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-12-04 12:47 - 2022-12-04 16:54 - 000000000 ____D C:\FRST
2022-12-04 10:53 - 2022-12-04 15:38 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NPE
2022-12-04 10:53 - 2022-12-04 10:53 - 000000000 ____D C:\ProgramData\Norton
2022-12-03 23:04 - 2022-12-04 12:46 - 1844010503 _____ C:\Users\HELLBOX-i7\Tulsa.King.S01E03 CZtit V OBRAZE 1080p.mkv
2022-12-03 13:02 - 2022-12-04 16:52 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-03 12:53 - 2022-12-03 12:53 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ESET
2022-12-03 12:49 - 2022-12-04 10:44 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\FSDART
2022-12-03 12:49 - 2022-12-03 12:51 - 000000000 ____D C:\ProgramData\F-Secure
2022-12-03 12:49 - 2022-12-03 12:49 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\F-Secure
2022-12-01 10:06 - 2022-12-01 10:06 - 000110568 _____ C:\Users\HELLBOX-i7\ExpensiveHi-Fi.wsz
2022-11-25 15:21 - 2022-11-25 15:21 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Hentai Empire
2022-11-23 11:11 - 2022-11-23 11:11 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Kotovodk Studio
2022-11-22 23:25 - 2022-11-22 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\SexChess
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Goldberg SteamEmu Saves
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\IR Studio
2022-11-21 17:25 - 2022-11-21 17:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\AdobeUM
2022-11-21 17:24 - 2022-11-21 17:24 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\My eBooks
2022-11-21 16:56 - 2022-11-13 13:23 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-21 16:56 - 2022-11-13 13:23 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001532424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001191936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000851480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000671792 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 002162688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 001618936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000738312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-21 16:55 - 2022-11-15 06:48 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 012453896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 010220552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005891080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005857280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005817336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 000458240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-21 16:55 - 2022-11-15 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-21 16:55 - 2022-11-15 06:45 - 006511856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-21 16:55 - 2022-11-13 13:23 - 000100633 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-20 08:11 - 2022-11-20 08:12 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\glasswire
2022-11-20 08:11 - 2022-11-20 08:11 - 000001977 _____ C:\Users\Public\Desktop\GlassWire.lnk
2022-11-20 08:11 - 2022-11-20 08:11 - 000000000 ____D C:\Program Files (x86)\GlassWire
2022-11-20 08:11 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2022-11-20 08:11 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2022-11-20 08:10 - 2022-11-20 08:11 - 000000000 ____D C:\ProgramData\glasswire
2022-11-20 07:39 - 2022-11-20 07:39 - 000000000 ___HD C:\$WinREAgent
2022-11-19 19:43 - 2022-11-19 19:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bravia
2022-11-18 20:48 - 2022-11-18 20:48 - 1747802533 _____ C:\WINDOWS\MEMORY.DMP
2022-11-18 20:48 - 2022-11-18 20:48 - 001910900 _____ C:\WINDOWS\Minidump\111822-9750-01.dmp
2022-11-16 22:55 - 2022-11-16 23:28 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\BoneTown.The.Second.Coming.Edition.v18.10.2021
2022-11-13 08:43 - 2022-11-13 12:43 - 000000000 ____D C:\Program Files\RUXIM
2022-11-12 13:05 - 2022-11-12 13:05 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-12 09:38 - 2022-11-12 09:38 - 000001402 _____ C:\Users\HELLBOX-i7\Desktop\Cyberpunk 2077.lnk
2022-11-11 23:58 - 2022-11-11 23:57 - 000006557 _____ C:\Users\HELLBOX-i7\Desktop\Fortnite.lnk
2022-11-11 23:15 - 2022-11-11 23:15 - 001427176 _____ (Google LLC) C:\Users\HELLBOX-i7\Downloads\ChromeSetup.exe
2022-11-11 12:04 - 2022-12-04 16:49 - 160694272 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-11-11 12:00 - 2022-11-11 12:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-11-07 11:40 - 2022-11-07 11:40 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\Program Files\LGHUB
2022-11-06 13:37 - 2022-12-04 16:50 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\imageclass
2022-11-06 13:37 - 2022-11-21 07:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack
2022-11-06 13:37 - 2022-11-06 13:37 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Canon

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-04 16:52 - 2020-02-25 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-04 16:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-04 16:50 - 2022-10-03 16:22 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\LGHUB
2022-12-04 16:50 - 2022-10-02 17:14 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\LGHUB
2022-12-04 16:50 - 2022-08-11 18:50 - 000003148 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-12-04 16:50 - 2021-12-04 09:34 - 000002624 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2022-12-04 16:50 - 2021-12-04 09:34 - 000002587 _____ C:\Users\HELLBOX-i7\Desktop\Google Chrome Canary.lnk
2022-12-04 16:50 - 2020-03-27 09:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-04 16:50 - 2020-03-07 16:39 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\CrashDumps
2022-12-04 16:50 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-04 16:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-04 16:50 - 2019-11-30 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\Assassin's Creed Unity
2022-12-04 16:49 - 2020-12-01 08:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-04 16:49 - 2020-12-01 08:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-04 16:49 - 2020-12-01 02:08 - 000000000 ____D C:\Users\HELLBOX-i7
2022-12-04 16:49 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-04 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-04 12:48 - 2022-05-07 09:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A
2022-12-04 11:05 - 2020-09-05 12:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-12-04 10:52 - 2020-12-01 08:43 - 001990828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-04 10:52 - 2019-12-07 15:43 - 000815054 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-04 10:52 - 2019-12-07 15:43 - 000189812 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-04 10:45 - 2022-08-15 10:47 - 000000000 ____D C:\Users\DefaultAppPool
2022-12-04 10:45 - 2020-06-10 06:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-04 10:45 - 2020-02-25 19:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-04 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-04 10:44 - 2020-12-01 08:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-03 23:16 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-02 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-01 23:48 - 2020-08-06 19:09 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\uTorrent
2022-12-01 08:18 - 2020-02-25 20:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\D3DSCache
2022-11-30 08:37 - 2020-03-28 13:50 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ElevatedDiagnostics
2022-11-29 19:46 - 2020-06-23 10:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Winamp
2022-11-29 00:41 - 2022-09-28 15:08 - 000000000 ____D C:\b
2022-11-28 11:34 - 2020-12-01 08:46 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1582668926
2022-11-28 11:34 - 2020-02-25 23:15 - 000001539 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-26 00:38 - 2021-10-07 22:43 - 000000000 ____D C:\a
2022-11-24 09:10 - 2021-10-30 22:22 - 000005388 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000004287 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000003574 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000001432 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2022-11-23 13:21 - 2020-12-01 08:46 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1582841240
2022-11-23 13:21 - 2020-02-27 23:07 - 000001568 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2022-11-22 23:25 - 2020-03-03 19:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\UnrealEngine
2022-11-22 23:05 - 2022-05-22 22:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\DefaultCompany
2022-11-21 17:25 - 2020-05-24 09:40 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Adobe
2022-11-21 17:24 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Adobe
2022-11-21 17:04 - 2020-02-26 23:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NVIDIA
2022-11-21 17:04 - 2020-02-25 18:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-21 16:58 - 2020-12-01 08:46 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-02-26 23:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-21 16:57 - 2020-02-25 19:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-20 08:11 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-11-20 08:11 - 2019-11-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\06-SYSTEM TOOLs
2022-11-20 07:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-18 20:49 - 2020-12-01 08:40 - 000819600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-18 20:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-18 20:48 - 2021-06-02 06:47 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-16 23:29 - 2020-12-01 17:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\vlc
2022-11-15 06:45 - 2020-10-09 18:22 - 007643384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-11-13 13:23 - 2020-10-09 18:22 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-11-13 13:23 - 2020-02-26 23:10 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-11-13 13:23 - 2020-02-26 23:09 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-11-12 13:05 - 2020-12-01 08:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-12 13:05 - 2019-11-25 11:23 - 000415688 __RSH C:\bootmgr
2022-11-11 21:28 - 2020-07-26 14:57 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\system32\cs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\Services
2022-11-11 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-11 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-11-10 22:33 - 2020-02-25 19:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 15:50 - 2020-02-26 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 15:47 - 2020-02-26 00:30 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 07:41 - 2020-12-01 08:46 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-08 07:41 - 2020-12-01 08:46 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 18:32 - 2020-02-25 19:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\PlaceholderTileLogoFolder
2022-11-06 18:32 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-09-04 07:37 - 2021-09-04 07:37 - 001429243 _____ (PolySoft Solutions ) C:\Users\HELLBOX-i7\FreeFLACToMP3Converter.exe
2020-10-11 12:27 - 2022-09-29 16:57 - 000011861 _____ () C:\Program Files (x86)\unins000.dat
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
2020-08-31 16:34 - 2020-09-07 18:47 - 000000799 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\HELLBOX-I7-PC.MTBF.txt
2021-10-30 22:22 - 2022-11-24 09:10 - 000003574 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000005388 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000001432 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000004287 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-02-20 16:40 - 2022-02-21 16:42 - 000005632 _____ () C:\Users\HELLBOX-i7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-31 15:39 - 2020-08-31 15:39 - 000000098 _____ () C:\Users\HELLBOX-i7\AppData\Local\fusioncache.dat
2020-09-05 11:58 - 2020-09-05 11:58 - 000000410 _____ () C:\Users\HELLBOX-i7\AppData\Local\oobelibMkey.log
2020-08-17 18:12 - 2020-08-17 18:12 - 000000017 _____ () C:\Users\HELLBOX-i7\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check my log, I can't find the infection.

#11 Post by Jeff Scylla »

Addition
Attachments
Addition.zip
(38.97 KiB) Downloaded 26 times

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I can't find the infection.

#12 Post by JaRon »

1. Uninstall all the AV products you have been experimenting with.
2. Clean the PC with CCleaner, including the registry.
Restart
3. Post the FRST logs after doing this; I'll look at it tomorrow. So far it doesn't look like an infection.

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check my log, I can't find the infection.

#13 Post by Jeff Scylla »

Sorry for the delay. Today the computer went completely crazy: it kept snapping the mouse to the center of the active screen, with a sound as if I were unplugging and plugging the mouse into USB. Video from any source kept blacking out and BSPlayer kept crashing. There wasn't much I could do about it. In the end I got rid of everything, and when I ran CCleaner it told me that I had Edge and Chrome running. Chrome had started in a fake window somewhere in the background, as before, but I never use Edge at all, and CCleaner could not even close it normally, only by force afterwards. Under Chrome there was also an exe file called worker that I had never noticed before; even when Chrome was not running it could not be deleted. In the end I managed it (otherwise I would have reinstalled), and since then it has been a bit better. So I am sending a new log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by HELLBOX-i7 (administrator) on HELLBOX-I7-PC (Micro-Star International Co., Ltd. MS-7B17) (05-12-2022 17:24:38)
Running from D:\D\2022- aJeS
Loaded Profiles: HELLBOX-i7 & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\HELLBOX-i7\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\GlassWire\GWCtlSrv.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe <46>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (3 APPES Ltd.) [File not signed] C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (TCB Networks -> ) F:\Program Files (x86)\StrokeIt\strokeit.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [StrokeIt] => F:\Program Files (x86)\StrokeIt\strokeit.exe [24712 2009-06-16] (TCB Networks -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [SoundLock] => C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe [605184 2012-05-28] (3 APPES Ltd.) [File not signed]
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32703440 2022-11-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Google Update] => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe [1403880 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Task Manager Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe [1085944 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-11-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LogMessager2022] => C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe [5606064 2022-11-06] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [AviraOE] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe [1104304 2017-06-29] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10554760 2022-11-13] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\RunOnce: [Application Restart #0] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe [3133720 2022-12-02] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {40022121-105c-11ea-973d-806e6f6e6963} - "rundll32.exe" url,FileProtocolHandler index.html
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {93605704-ba78-11eb-93e5-dc7196456518} - "H:\DTLplus_Launcher.exe"
HKLM\...\Windows x64\Print Processors\Epson Laser01: C:\Windows\System32\spool\prtprocs\x64\EP0LPP01.DLL [41472 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.95\Installer\chrmstp.exe [2022-12-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-03-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FuzeTV.lnk [2021-06-30]
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00649874-8E50-4E19-9D62-14B786842DF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000UA => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {01CC0170-2A71-4B6E-A87C-79D5D5E81740} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000Core => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {093540A7-7E09-487C-8924-4333E03F7955} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0A3589E8-BE07-40A4-B41E-12EC007CAA9E} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615918871 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {198B651A-FF4E-4D77-8276-F13FEF181440} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {238F307D-357E-4B68-B0B2-B79F152BAE67} - System32\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {31E23169-6348-4E95-A020-8C20F8339BEF} - System32\Tasks\Opera GX scheduled Autoupdate 1582841240 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {342194ED-728E-45E8-8778-8A715A414AF5} - System32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {35117699-39D3-425C-A92D-7C6B8D43BBB7} - System32\Tasks\CCleanerSkipUAC - HELLBOX-i7 => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3E87797D-116A-43BF-95C0-4A386CC37B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4323C4FB-C891-49C9-A1F4-F4EA3EEAE159} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {492400B1-914C-4795-87F5-C4306B4A1ECA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {566805D1-0A9C-4E64-B1C9-CDE327EF9C63} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {57617A94-4DD7-4D38-AC60-BF6E149DC757} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6214B605-8FA9-424E-A32C-B94FF876B73D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6691F020-1AC0-4103-AAF9-B3678736512F} - System32\Tasks\Opera scheduled Autoupdate 1582668926 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software)
Task: {735B58B2-07FB-4400-A01B-B731BEDDF0CE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79897F47-9AF9-49C9-AC17-A8245B8C8B6E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8066F237-E75D-4F5C-8B5B-42D0F0BE1E69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin (No File)
Task: {89651C0F-E78B-42AF-8E06-A6A2D634FED6} - System32\Tasks\AdobeAAMUpdater-1.0-HELLBOX-i7-PC-HELLBOX-i7 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {91AB3C08-4A65-480A-A111-CC820C6921A4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {99D05795-9A4D-475D-8516-4F1F604F498B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A1FB372-EC89-4679-A4FF-D725146ECEA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {9A89A347-0FD7-43EA-91E7-EF55505D9DBC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2887047f-881f-41f5-8593-6f734bd61f79" --version "6.06.10144" --silent
Task: {A18105A5-015F-4C1B-A40E-800AC631B1BF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-09-17] () [File not signed]
Task: {A7F0F3B0-E41E-4219-880E-E98291C8B3EB} - System32\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B97A38AF-2D5E-477D-BA66-6B4F6B3CA3F8} - System32\Tasks\VideoStudioUpdater2020 => C:\Program Files\Corel\Corel VideoStudio 2020\VSNotification.exe [669320 2020-06-18] (Corel Corporation -> )
Task: {BE2F09CB-65A5-4BE8-9140-47E376056DCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1162D02-DADA-4965-8947-27ED8DA7C479} - System32\Tasks\Opera scheduled assistant Autoupdate 1582668930 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C1C7C06B-FFDF-453B-AE2E-526D62628285} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C641E526-ACDE-4CDE-B890-9AFFDB1A4291} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {C7499500-496D-4B94-8042-F21F45C9E269} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9F9C924-3163-42A6-834E-3DE25445432D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {EE3B44F8-803E-488C-A57B-BFD434E7EE68} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F451D1E3-CBDA-4944-AE2E-97E7EC7A0F09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {F6A56407-085E-458C-A0AA-46FEC6BF2FE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD214FBF-14C3-4E64-820D-3120394ADA19} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-16] (Microsoft Corporation -> Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6073f01f-4650-4db8-b762-f40eaf0fad9c}: [DhcpNameServer] 10.41.0.1
Tcpip\..\Interfaces\{f07e9e9c-ce9a-4c2a-881e-f986d7d6bef1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\HELLBOX-i7\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HELLBOX-i7\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-05]
Edge DownloadDir: Default -> C:\Users\HELLBOX-i7\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default [2022-12-05]
CHR DownloadDir: C:\Users\HELLBOX-i7
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.yessearches.com/?ts=AHEpA3YtAX4pC0..&uid=F875C13EBB2C40E3EBCD5911F97AEDA4&ptid=cos&mode=nnnb"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Audiotool) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2020-08-12]
CHR Extension: (Hudba Google Play) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-11-20]
CHR Extension: (Work Offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjdagaoojgeilcobhibkgbodajcojda [2021-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Eml Manager) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjpnegahhmlieielkpdoifigpdfnnkk [2020-08-12]
CHR Extension: ( Best VPN for Chrome by uVPN) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2021-12-10]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2022-06-01]
CHR Extension: (Sketchpad) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2020-08-12]
CHR Extension: (KML, KMZ Viewer with Drive) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbolhellljccdahaeelobbojpfdgjgco [2021-11-18]
CHR Extension: (Map of the Earth) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-08-12]
CHR Extension: (Norton Safe) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2020-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-08-12]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2020-08-12]
CHR Extension: (Privacy Badger) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2022-09-30]

Opera:
=======
OPR Profile: C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable [2022-12-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... tpsf=openc
OPR Extension: (Rich Hints Agent) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
StartMenuInternet: (HKU\S-1-5-21-469362532-771386427-3435094161-1000) Opera GXStable - "C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [605096 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-06] (Epic Games Inc. -> Epic Games, Inc.)
R2 Fluke Connect Patch Service; C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe [11776 2021-10-01] () [File not signed]
R2 Fluke Connect Sync Service; C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe [15872 2021-10-01] () [File not signed]
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7769992 2022-11-13] (GlassWire -> SecureMix LLC)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-11-07] (Logitech Inc -> Logitech, Inc.)
R2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269104 2018-05-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2021-02-24] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; F:\GAMEs\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15110968 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60328 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-16] (Intel Corporation -> Intel Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
S3 ibtavflt; C:\WINDOWS\System32\drivers\ibtavflt.sys [32712 2014-07-25] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-07] (Logitech Inc -> Logitech)
R2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
R3 MpKsl9d35ebfc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{81E99C3A-ACB9-43BB-BF4C-59DD81E1EE84}\MpKslDrv.sys [214280 2022-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1142; C:\WINDOWS\system32\Drivers\RDWM1142.SYS [212352 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-26] (WireGuard LLC -> WireGuard LLC)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 MpKsl4861d3f8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]
S3 MpKsla6c59e88; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-05 17:07 - 2022-12-05 17:23 - 000000000 ____D C:\Program Files\CCleaner
2022-12-05 17:07 - 2022-12-05 17:13 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-05 17:07 - 2022-12-05 17:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-05 17:07 - 2022-12-05 17:07 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-05 17:07 - 2022-12-05 17:07 - 000002920 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - HELLBOX-i7
2022-12-05 17:07 - 2022-12-05 17:07 - 000000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-12-05 17:07 - 2022-12-05 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-12-05 16:48 - 2022-12-05 16:48 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack
2022-12-05 15:41 - 2022-12-05 15:41 - 000000000 ____D C:\Program Files\7-Zip
2022-12-05 07:48 - 2022-12-05 17:13 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\imageclass
2022-12-05 07:48 - 2022-12-05 16:47 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bravia
2022-12-04 18:04 - 2022-12-05 17:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-12-04 18:03 - 2022-12-04 18:03 - 000000000 ____D C:\Program Files\Common Files\AV
2022-12-04 17:22 - 2022-12-05 17:02 - 000000000 ____D C:\ProgramData\NortonInstaller
2022-12-04 17:15 - 2022-12-04 17:15 - 000001611 _____ C:\Users\HELLBOX-i7\Desktop\Norton Download Manager.lnk
2022-12-04 17:15 - 2022-12-04 17:15 - 000001424 _____ C:\Users\HELLBOX-i7\Desktop\Norton Installation Files.lnk
2022-12-04 17:15 - 2022-12-04 17:15 - 000000000 ____D C:\Users\Public\Downloads\Norton
2022-12-04 15:25 - 2022-10-19 02:28 - 008817264 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2022-12-04 15:25 - 2022-10-19 02:28 - 002686148 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2022-12-04 15:25 - 2022-10-19 02:28 - 001677376 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-12-04 12:47 - 2022-12-05 17:25 - 000000000 ____D C:\FRST
2022-12-04 10:53 - 2022-12-05 17:05 - 000000000 ____D C:\ProgramData\Norton
2022-12-04 10:53 - 2022-12-05 16:47 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NPE
2022-12-03 23:04 - 2022-12-04 12:46 - 1844010503 _____ C:\Users\HELLBOX-i7\Tulsa.King.S01E03 CZtit V OBRAZE 1080p.mkv
2022-12-03 13:02 - 2022-12-04 16:52 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-03 12:53 - 2022-12-03 12:53 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ESET
2022-12-03 12:49 - 2022-12-04 10:44 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\FSDART
2022-12-03 12:49 - 2022-12-03 12:51 - 000000000 ____D C:\ProgramData\F-Secure
2022-12-03 12:49 - 2022-12-03 12:49 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\F-Secure
2022-12-01 10:06 - 2022-12-01 10:06 - 000110568 _____ C:\Users\HELLBOX-i7\ExpensiveHi-Fi.wsz
2022-11-25 15:21 - 2022-11-25 15:21 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Hentai Empire
2022-11-23 11:11 - 2022-11-23 11:11 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Kotovodk Studio
2022-11-22 23:25 - 2022-11-22 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\SexChess
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Goldberg SteamEmu Saves
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\IR Studio
2022-11-21 17:25 - 2022-11-21 17:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\AdobeUM
2022-11-21 17:24 - 2022-11-21 17:24 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\My eBooks
2022-11-21 16:56 - 2022-11-13 13:23 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-21 16:56 - 2022-11-13 13:23 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001532424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001191936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000851480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000671792 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 002162688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 001618936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000738312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-21 16:55 - 2022-11-15 06:48 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 012453896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 010220552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005891080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005857280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005817336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 000458240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-21 16:55 - 2022-11-15 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-21 16:55 - 2022-11-15 06:45 - 006511856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-21 16:55 - 2022-11-13 13:23 - 000100633 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-20 08:11 - 2022-12-05 16:57 - 000000000 ____D C:\Program Files (x86)\GlassWire
2022-11-20 08:11 - 2022-11-20 08:12 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\glasswire
2022-11-20 08:11 - 2022-11-20 08:11 - 000001977 _____ C:\Users\Public\Desktop\GlassWire.lnk
2022-11-20 08:11 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2022-11-20 08:11 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2022-11-20 08:10 - 2022-11-20 08:11 - 000000000 ____D C:\ProgramData\glasswire
2022-11-20 07:39 - 2022-11-20 07:39 - 000000000 ___HD C:\$WinREAgent
2022-11-16 22:55 - 2022-11-16 23:28 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\BoneTown.The.Second.Coming.Edition.v18.10.2021
2022-11-13 08:43 - 2022-11-13 12:43 - 000000000 ____D C:\Program Files\RUXIM
2022-11-12 13:05 - 2022-11-12 13:05 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-12 09:38 - 2022-11-12 09:38 - 000001402 _____ C:\Users\HELLBOX-i7\Desktop\Cyberpunk 2077.lnk
2022-11-11 23:58 - 2022-11-11 23:57 - 000006557 _____ C:\Users\HELLBOX-i7\Desktop\Fortnite.lnk
2022-11-11 23:15 - 2022-11-11 23:15 - 001427176 _____ (Google LLC) C:\Users\HELLBOX-i7\Downloads\ChromeSetup.exe
2022-11-11 12:04 - 2022-12-05 17:04 - 161480704 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-11-11 12:00 - 2022-11-11 12:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-11-07 11:40 - 2022-11-07 11:40 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\Program Files\LGHUB
2022-11-06 13:37 - 2022-11-06 13:37 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Canon
2022-10-23 13:43 - 2022-10-23 13:44 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 6.0.lnk
2022-10-23 13:43 - 2022-10-23 13:44 - 000002109 _____ C:\Users\Public\Desktop\Adobe Reader 6.0.lnk
2022-10-23 13:43 - 2022-10-23 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMe Internet Printing
2022-10-23 13:43 - 2022-10-23 13:43 - 000000000 ____D C:\WINDOWS\Cache
2022-10-12 07:16 - 2022-10-12 07:16 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 07:16 - 2022-10-12 07:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 07:16 - 2022-10-12 07:16 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 07:16 - 2022-10-12 07:16 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 07:16 - 2022-10-12 07:16 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-07 06:38 - 2022-10-07 06:38 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2022-10-07 06:38 - 2022-10-07 06:38 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2022-10-03 16:22 - 2022-12-05 17:13 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\LGHUB
2022-10-03 16:19 - 2022-10-07 18:35 - 000000000 ____D C:\ProgramData\LGHUB
2022-10-02 17:14 - 2022-12-05 17:13 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\LGHUB
2022-10-02 17:14 - 2022-10-02 17:14 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\LGHUB_BKP
2022-09-29 22:06 - 2022-09-29 22:06 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Logitech
2022-09-29 22:05 - 2022-09-29 22:05 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Logitech
2022-09-29 22:05 - 2022-09-29 22:05 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Logishrd
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ C:\Program Files (x86)\unins000.exe
2022-09-29 09:09 - 2022-09-30 19:42 - 000000000 ____D C:\ProgramData\Logishrd
2022-09-29 09:09 - 2022-09-29 17:00 - 000000000 ____D C:\Program Files\Logitech
2022-09-29 09:09 - 2022-09-29 09:09 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2022-09-28 15:08 - 2022-11-29 00:41 - 000000000 ____D C:\b
2022-09-28 15:06 - 2022-09-29 06:45 - 000000000 ____D C:\C
2022-09-26 20:44 - 2022-09-26 20:44 - 000002101 _____ C:\Users\Public\Desktop\Bloody7.lnk
2022-09-26 20:44 - 2022-09-26 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2022-09-26 20:44 - 2022-09-26 20:44 - 000000000 ____D C:\ProgramData\Bloody7
2022-09-26 20:44 - 2022-09-26 20:44 - 000000000 ____D C:\Program Files (x86)\Bloody7
2022-09-26 20:23 - 2022-09-26 20:25 - 034632032 _____ C:\Users\HELLBOX-i7\Downloads\Bloody7_V2022.0805_MUI.exe
2022-09-26 10:33 - 2022-09-26 10:33 - 000000000 ____D C:\Users\HELLBOX-i7\Downloads\KeyResponsePK_V2.0_20150707_B1
2022-09-26 10:29 - 2022-09-26 10:30 - 010486312 _____ C:\Users\HELLBOX-i7\Downloads\KeyResponsePK_V2.0_20150707_B1.zip
2022-09-22 12:42 - 2022-09-22 12:42 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\bunkus.org
2022-09-22 12:41 - 2022-09-22 12:46 - 000000000 ____D C:\Program Files\MKVToolNix
2022-09-22 12:41 - 2022-09-22 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2022-09-22 12:21 - 2022-09-22 12:21 - 000002236 _____ C:\Users\Public\Desktop\AnyMP4 Video Converter Ultimate.lnk
2022-09-16 15:39 - 2022-09-16 15:39 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-16 15:39 - 2022-09-16 15:39 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-08 14:52 - 2022-09-08 14:52 - 000000000 ____D C:\Program Files\Google

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-05 17:20 - 2020-12-01 08:43 - 001990828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-05 17:20 - 2019-12-07 15:43 - 000815054 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-05 17:20 - 2019-12-07 15:43 - 000189812 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-05 17:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-05 17:15 - 2020-02-25 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-05 17:14 - 2019-11-30 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\Assassin's Creed Unity
2022-12-05 17:13 - 2022-08-15 10:47 - 000000000 ____D C:\Users\DefaultAppPool
2022-12-05 17:13 - 2022-08-11 18:50 - 000003148 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-12-05 17:13 - 2020-12-01 08:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-05 17:13 - 2020-12-01 08:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-05 17:13 - 2020-12-01 08:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-05 17:13 - 2020-12-01 02:08 - 000000000 ____D C:\Users\HELLBOX-i7
2022-12-05 17:13 - 2020-03-27 09:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-05 17:13 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-05 17:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-05 17:10 - 2021-06-02 06:47 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-05 17:10 - 2020-08-06 19:09 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\uTorrent
2022-12-05 17:10 - 2020-03-07 16:39 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\CrashDumps
2022-12-05 17:04 - 2021-10-07 22:43 - 000000000 ____D C:\a
2022-12-05 17:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-05 17:03 - 2020-02-25 20:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\D3DSCache
2022-12-05 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-05 17:03 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-05 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-05 16:47 - 2020-03-06 18:43 - 000000000 ____D C:\Program Files (x86)\ACD Systems
2022-12-05 16:39 - 2020-12-01 17:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\vlc
2022-12-05 15:57 - 2021-12-04 09:34 - 000002624 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2022-12-05 15:57 - 2021-12-04 09:34 - 000002587 _____ C:\Users\HELLBOX-i7\Desktop\Google Chrome Canary.lnk
2022-12-05 15:48 - 2020-12-01 08:40 - 000818120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-05 15:46 - 2020-02-25 19:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-05 15:45 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-05 15:44 - 2020-07-20 22:52 - 000000000 ____D C:\Program Files\dotnet
2022-12-05 15:42 - 2021-01-08 21:00 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2022-12-05 15:42 - 2021-01-08 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-12-05 15:41 - 2020-12-01 17:16 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-12-05 15:41 - 2020-02-17 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-12-05 15:40 - 2020-07-15 08:02 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2022-12-05 15:40 - 2020-07-15 08:02 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Notepad++
2022-12-05 15:40 - 2020-07-15 08:02 - 000000000 ____D C:\Program Files (x86)\Notepad++
2022-12-05 13:03 - 2022-05-07 09:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A
2022-12-04 23:11 - 2020-12-01 08:46 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-12-04 23:11 - 2020-09-05 12:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-12-04 20:15 - 2020-12-01 08:46 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1582841240
2022-12-04 20:15 - 2020-02-27 23:07 - 000001568 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2022-12-04 19:51 - 2020-12-01 08:46 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1582668926
2022-12-04 19:51 - 2020-02-25 23:15 - 000001539 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-12-04 18:07 - 2020-02-26 17:47 - 000000000 ____D C:\Program Files (x86)\BSPlayer
2022-12-04 10:45 - 2020-06-10 06:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-04 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-02 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 08:37 - 2020-03-28 13:50 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ElevatedDiagnostics
2022-11-29 19:46 - 2020-06-23 10:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Winamp
2022-11-24 09:10 - 2021-10-30 22:22 - 000005388 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000004287 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000003574 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000001432 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2022-11-22 23:25 - 2020-03-03 19:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\UnrealEngine
2022-11-22 23:05 - 2022-05-22 22:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\DefaultCompany
2022-11-21 17:25 - 2020-05-24 09:40 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Adobe
2022-11-21 17:24 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Adobe
2022-11-21 17:04 - 2020-02-26 23:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NVIDIA
2022-11-21 17:04 - 2020-02-25 18:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-21 16:58 - 2020-12-01 08:46 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-02-26 23:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-21 16:57 - 2020-02-25 19:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-20 08:11 - 2019-11-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\06-SYSTEM TOOLs
2022-11-20 07:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-18 20:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-15 06:45 - 2020-10-09 18:22 - 007643384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-11-13 13:23 - 2020-10-09 18:22 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-11-13 13:23 - 2020-02-26 23:10 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-11-13 13:23 - 2020-02-26 23:09 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-11-12 13:05 - 2020-12-01 08:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-12 13:05 - 2019-11-25 11:23 - 000415688 __RSH C:\bootmgr
2022-11-11 21:28 - 2020-07-26 14:57 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\system32\cs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\Services
2022-11-11 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-11 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-11-10 22:33 - 2020-02-25 19:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 15:50 - 2020-02-26 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 15:47 - 2020-02-26 00:30 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 07:41 - 2020-12-01 08:46 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-08 07:41 - 2020-12-01 08:46 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 18:32 - 2020-02-25 19:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\PlaceholderTileLogoFolder
2022-11-06 18:32 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-09-04 07:37 - 2021-09-04 07:37 - 001429243 _____ (PolySoft Solutions ) C:\Users\HELLBOX-i7\FreeFLACToMP3Converter.exe
2020-10-11 12:27 - 2022-09-29 16:57 - 000011861 _____ () C:\Program Files (x86)\unins000.dat
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
2020-08-31 16:34 - 2020-09-07 18:47 - 000000799 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\HELLBOX-I7-PC.MTBF.txt
2021-10-30 22:22 - 2022-11-24 09:10 - 000003574 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000005388 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000001432 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000004287 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-02-20 16:40 - 2022-02-21 16:42 - 000005632 _____ () C:\Users\HELLBOX-i7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-31 15:39 - 2020-08-31 15:39 - 000000098 _____ () C:\Users\HELLBOX-i7\AppData\Local\fusioncache.dat
2020-09-05 11:58 - 2020-09-05 11:58 - 000000410 _____ () C:\Users\HELLBOX-i7\AppData\Local\oobelibMkey.log
2020-08-17 18:12 - 2020-08-17 18:12 - 000000017 _____ () C:\Users\HELLBOX-i7\AppData\Local\resmon.resmoncfg

==================== SigCheckExt =========================

2019-03-18 18:18 - 2019-03-18 18:18 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dref9.dll
2012-09-28 20:45 - 2012-09-28 20:45 - 000246272 _____ C:\WINDOWS\system32\rtvcvfw64.dll
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ C:\Program Files (x86)\unins000.exe
2020-03-12 13:18 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2020-09-27 15:11 - 2007-08-24 03:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RTASIOCP.exe
2021-10-29 23:20 - 1998-04-30 13:56 - 000129024 _____ C:\WINDOWS\UNWISE.EXE
2020-04-26 14:40 - 1997-07-30 10:43 - 000070656 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\3dviewer.dll
2020-08-31 15:37 - 2004-07-02 15:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ATL70.DLL
2020-08-31 15:37 - 2004-07-02 15:28 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2020-04-26 14:39 - 1999-03-21 04:34 - 000100864 _____ (Corel Corporation Limited) C:\WINDOWS\SysWOW64\awpe.dll
2020-04-26 14:39 - 1998-12-10 03:27 - 000168448 _____ (WexTech Systems, Inc.) C:\WINDOWS\SysWOW64\Awrtl30.dll
2021-10-29 23:20 - 1998-05-20 17:41 - 000269312 _____ (Iterated Systems, Inc.) C:\WINDOWS\SysWOW64\clrvidcc.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000203776 _____ (Iterated Systems, Inc.) C:\WINDOWS\SysWOW64\clrviddc.DLL
2018-08-09 13:53 - 2018-08-09 13:53 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D2D1Debug2.dll
2018-08-09 13:56 - 2018-08-09 13:56 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11sdklayers.dll
2018-08-09 13:56 - 2018-08-09 13:56 - 000698368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_1sdklayers.dll
2018-08-09 13:56 - 2018-08-09 13:56 - 000936960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_2sdklayers.dll
2019-03-18 17:10 - 2019-03-18 17:10 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dref9.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000045568 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\DC210.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000110592 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\DC240.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000230400 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\DC265.dll
2020-04-26 14:42 - 1998-09-25 07:03 - 000607744 _____ (Digital Equipment Corp.) C:\WINDOWS\SysWOW64\Decslib.dll
2004-09-28 00:02 - 2004-09-28 00:02 - 000716800 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\DivX.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000094208 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec_0407.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000094208 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec_040c.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000094208 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec_0411.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000206848 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx_xx07.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000206336 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx_xx0c.dll
2005-07-29 19:37 - 2005-07-29 19:37 - 000528384 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx_xx11.dll
2007-04-27 08:43 - 2007-04-27 08:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
2005-07-29 19:38 - 2005-07-29 19:38 - 000290816 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpu10.dll
2005-07-29 19:38 - 2005-07-29 19:38 - 000602112 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpuGUI10.dll
2005-07-29 19:38 - 2005-07-29 19:38 - 000335872 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpus10.dll
2005-07-29 19:38 - 2005-07-29 19:38 - 000053248 _____ (DivXNetworks) C:\WINDOWS\SysWOW64\dpv10.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000043520 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixaudio.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000138240 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixexif.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000004608 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixguid.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000446976 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixio130.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000097280 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixjpeg.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000068096 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\ekfpixpsets.dll
2021-10-29 23:20 - 1998-05-20 17:41 - 000085504 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\encdnet.DLL
2020-03-06 18:43 - 2000-12-12 21:10 - 000032768 _____ (Eastman Kodak Company) C:\WINDOWS\SysWOW64\F210.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000011264 _____ (Johnson-Grace Company) C:\WINDOWS\SysWOW64\Jgar500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000144896 _____ (America Online) C:\WINDOWS\SysWOW64\Jgdw500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000011264 _____ (Johnson-Grace Company) C:\WINDOWS\SysWOW64\Jgid500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000007168 _____ (Johnson-Grace Company) C:\WINDOWS\SysWOW64\Jgme500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000015872 _____ (Johnson-Grace Company) C:\WINDOWS\SysWOW64\Jgpl500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000013312 _____ (Johnson-Grace Company) C:\WINDOWS\SysWOW64\Jgst500.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000335872 _____ C:\WINDOWS\SysWOW64\ldf252.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000126976 _____ (LuraTech GmbH) C:\WINDOWS\SysWOW64\lwf214p.dll
2020-08-31 15:36 - 2002-01-05 02:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC70.DLL
2020-08-31 15:36 - 2002-01-05 02:36 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC70U.DLL
2020-08-31 15:36 - 2004-05-14 04:07 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2020-08-31 15:36 - 2003-11-21 15:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2020-08-31 15:36 - 2005-03-21 22:26 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.DLL
2020-04-26 14:43 - 1999-02-17 07:34 - 001039360 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL
2020-08-31 15:36 - 2002-01-05 01:38 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCI70.DLL
2020-04-26 14:40 - 1997-01-22 18:11 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp50.dll
2020-08-31 15:36 - 2003-03-26 05:58 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2005-08-05 17:30 - 2005-08-05 17:30 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP71.DLL
2013-12-17 02:27 - 2013-12-17 02:27 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2002-07-16 13:18 - 2002-07-16 13:18 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2013-12-17 02:27 - 2013-12-17 02:27 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCR71.DLL
2013-12-17 02:27 - 2013-12-17 02:27 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2020-05-03 20:27 - 2020-05-03 20:24 - 000151552 _____ C:\WINDOWS\SysWOW64\nvRegDev.dll
2021-10-29 23:20 - 1998-05-20 17:41 - 000090624 _____ (Progressive Networks, Inc.) C:\WINDOWS\SysWOW64\pnc32301.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000130048 _____ (Progressive Networks, Inc.) C:\WINDOWS\SysWOW64\pnc32401.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000130560 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pnc3250.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000273408 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pncrt.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000163840 _____ (Progressive Networks, Inc.) C:\WINDOWS\SysWOW64\pnen3230.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000131072 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pneng50.DLL
2004-09-28 00:02 - 2004-09-28 00:02 - 001335296 _____ (Protexis Inc.) C:\WINDOWS\SysWOW64\PSIKey.dll
2020-04-26 14:40 - 1999-08-17 13:38 - 000909312 _____ (Apple Computer Inc.) C:\WINDOWS\SysWOW64\qd3d.dll
2005-07-29 19:38 - 2005-07-29 19:38 - 003375104 _____ C:\WINDOWS\SysWOW64\qt-mt331.dll
2021-10-29 23:20 - 1998-05-20 17:41 - 000081920 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\RA3214_4.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000072704 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\RA3228_8.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000072192 _____ (Iterated Systems, Inc.) C:\WINDOWS\SysWOW64\ra32clv1.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000021504 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\ra32dnet.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000019968 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\ra32rv10.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000087040 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\ra32sipr.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000097280 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rarv1032.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000146944 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rarv10en.DLL
2020-04-26 14:40 - 1997-07-30 10:06 - 000553984 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\rave.dll
2021-10-29 23:20 - 1998-05-20 17:41 - 000009728 _____ C:\WINDOWS\SysWOW64\rmevents.DLL
2021-10-29 23:20 - 1998-05-20 17:41 - 000061952 _____ C:\WINDOWS\SysWOW64\rmmerge2.DLL
2020-03-06 18:43 - 2000-12-12 21:10 - 000317952 _____ (Blue Sky Software Corporation.) C:\WINDOWS\SysWOW64\Roboex32.dll
2012-09-28 20:45 - 2012-09-28 20:45 - 000247296 _____ C:\WINDOWS\SysWOW64\rtvcvfw32.dll
2020-04-26 14:39 - 1999-07-21 14:59 - 000245760 _____ (Corel Corporation) C:\WINDOWS\SysWOW64\Sccomp91.dll
2020-04-26 14:39 - 1999-08-30 05:56 - 000110592 _____ (Corel Corporation) C:\WINDOWS\SysWOW64\Sccres91.dll
2020-04-26 14:39 - 1999-08-30 05:56 - 000225280 _____ (Corel Corporation) C:\WINDOWS\SysWOW64\Scint91.dll
2020-04-26 14:40 - 1998-11-03 05:55 - 000112688 _____ C:\WINDOWS\SysWOW64\shw32.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000049152 _____ () C:\WINDOWS\SysWOW64\TransportSerial.dll
2020-03-06 18:43 - 2000-12-12 21:10 - 000049152 _____ () C:\WINDOWS\SysWOW64\TransportUSB.dll
2020-07-07 15:51 - 2005-11-13 21:40 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2020-04-26 14:43 - 1999-02-17 07:34 - 000368912 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE
2021-09-04 07:37 - 2021-09-04 07:37 - 001429243 _____ (PolySoft Solutions ) C:\Users\HELLBOX-i7\FreeFLACToMP3Converter.exe
2021-11-01 23:43 - 2021-11-01 23:43 - 008598007 _____ (Installshield Software Corporation ) C:\Users\HELLBOX-i7\Downloads\AudioWizard12.exe
2019-11-29 19:19 - 2019-11-29 19:20 - 020955355 _____ (CDex) C:\Users\HELLBOX-i7\Downloads\CDex-1.99.1.exe
2019-11-26 22:41 - 2019-11-26 22:41 - 011562120 _____ C:\Users\HELLBOX-i7\Downloads\StrokeIt_0.9.7-Home-English.exe
2020-09-09 07:31 - 2020-09-09 07:31 - 000645729 _____ (WDS Team) C:\Users\HELLBOX-i7\Downloads\windirstat1_1_2_setup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {55185bd3-33a8-11eb-93cb-dc7196456518}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 3

Windows Boot Loader
-------------------
identifier {50dac926-105c-11ea-973d-c94dc56ded48}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{50dac927-105c-11ea-973d-c94dc56ded48}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{50dac927-105c-11ea-973d-c94dc56ded48}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {55185bd6-33a8-11eb-93cb-dc7196456518}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {55185bd3-33a8-11eb-93cb-dc7196456518}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {55185bd6-33a8-11eb-93cb-dc7196456518}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{55185bd7-33a8-11eb-93cb-dc7196456518}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{55185bd7-33a8-11eb-93cb-dc7196456518}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {a7b2d427-0f6d-11ea-9483-ad8c9ed400d1}
device ramdisk=[C:]\Recovery\a7b2d427-0f6d-11ea-9483-ad8c9ed400d1\Winre.wim,{a7b2d428-0f6d-11ea-9483-ad8c9ed400d1}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\a7b2d427-0f6d-11ea-9483-ad8c9ed400d1\Winre.wim,{a7b2d428-0f6d-11ea-9483-ad8c9ed400d1}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {a7b2d42b-0f6d-11ea-9483-ad8c9ed400d1}
device ramdisk=[C:]\Recovery\a7b2d42b-0f6d-11ea-9483-ad8c9ed400d1\Winre.wim,{a7b2d42c-0f6d-11ea-9483-ad8c9ed400d1}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\a7b2d42b-0f6d-11ea-9483-ad8c9ed400d1\Winre.wim,{a7b2d42c-0f6d-11ea-9483-ad8c9ed400d1}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {55185bd3-33a8-11eb-93cb-dc7196456518}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {55185bd6-33a8-11eb-93cb-dc7196456518}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {55185bd7-33a8-11eb-93cb-dc7196456518}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier {a7b2d428-0f6d-11ea-9483-ad8c9ed400d1}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\a7b2d427-0f6d-11ea-9483-ad8c9ed400d1\boot.sdi

Device options
--------------
identifier {a7b2d42c-0f6d-11ea-9483-ad8c9ed400d1}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\a7b2d42b-0f6d-11ea-9483-ad8c9ed400d1\boot.sdi

==================== End of FRST.txt ========================
Attachments
Addition.zip
(35.67 KiB) Downloaded 25 times

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I cannot find the infection.

#14 Post by JaRon »

https://forum.viry.cz/viewtopic.php?p=1 ... x#p1543625 Use DelFix.
I'll write the fixlist tomorrow.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

JaRon
Moderator
Posts: 15213
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I cannot find the infection.

#15 Post by JaRon »

Quote:
Creating a fixlist for FRST
• Open Notepad (Start - Run - notepad)
• Copy the script >>

Code:

Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
AlternateDataStreams: C:\Intel:err [1122]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [492]
FirewallRules: [UDP Query User{16D43D9C-EE82-488D-834A-1A12B7368B86}C:2\games\the ball\binaries\win32\theball.exe] => (Allow) C:2\games\the ball\binaries\win32\theball.exe => No File
FirewallRules: [TCP Query User{68AF264D-F7D5-4FA8-9FEB-D8B1C967043B}C:2\games\the ball\binaries\win32\theball.exe] => (Allow) C:2\games\the ball\binaries\win32\theball.exe => No File
FirewallRules: [{B9EA81DD-C2DC-4B08-BB9F-D327AC9E0B65}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe => No File
FirewallRules: [{32AA99D6-BB5A-4CE7-B5C2-052696535D89}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe => No File
FirewallRules: [{122CDE30-BE77-4137-B37C-1ED2309FFD5C}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{e2603c3b-7692-4964-8963-3acce05a84c7}\9a3ecb27.exe => No File
FirewallRules: [{39806F34-3F34-4380-B216-464CA965FC36}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{e2603c3b-7692-4964-8963-3acce05a84c7}\9a3ecb27.exe => No File
FirewallRules: [{36C1185B-245B-433C-BDA6-DF998579C844}] => (Block) c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\ngc_22.22.10.9\npe.exe => No File
FirewallRules: [{E4EC3A2C-23E4-4ABA-8ED7-68DD4C0D384B}] => (Block) c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\ngc_22.22.10.9\npe.exe => No File
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 MpKsl4861d3f8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]
S3 MpKsla6c59e88; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]
2022-12-03 13:02 - 2022-12-04 16:52 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-03 12:53 - 2022-12-03 12:53 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ESET
2022-12-03 12:49 - 2022-12-04 10:44 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\FSDART
2022-12-03 12:49 - 2022-12-03 12:51 - 000000000 ____D C:\ProgramData\F-Secure
2022-12-03 12:49 - 2022-12-03 12:49 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\F-Secure


EmptyTemp:
Reboot:
End
• Save the resulting TXT file as fixlist.txt
• Move the fixlist you created next to FRST

→ Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

→ Restart the PC and post fixlog.txt here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
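
A fixlist like the one in post #15 is easier to check before clicking Fix when its lines are grouped by kind. The Python sketch below is an added example, not part of the original post and not FRST's own code; the regular expressions and category names are assumptions inferred from the line shapes visible in that script, and the sample is an excerpt of it.

```python
import re
from collections import defaultdict

# Excerpt of the fixlist from post #15, embedded so the example runs offline.
SAMPLE = r"""Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
AlternateDataStreams: C:\Intel:err [1122]
FirewallRules: [{B9EA81DD-C2DC-4B08-BB9F-D327AC9E0B65}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe => No File
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
2022-12-03 13:02 - 2022-12-04 16:52 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
EmptyTemp:
Reboot:
End
"""

# Line shapes inferred from the script above (assumptions, not FRST's grammar).
DIRECTIVE = re.compile(r"^([A-Za-z]+):$")              # e.g. CloseProcesses:
LABELLED = re.compile(r"^([A-Za-z][\w-]*):\s+(.+)$")   # e.g. FirewallRules: ...
DRIVER = re.compile(r"^[A-Z]\d\s+(\S+);\s+(.+)$")      # e.g. S3 cpuz149; path
FILE_ENTRY = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d"
                        r" - \d+ (\S{5}) (.+)$")       # dates, size, attrs, path

def review_fixlist(text):
    """Group fixlist lines by kind so they can be read before clicking Fix."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    framed = len(lines) >= 2 and lines[0] == "Start" and lines[-1] == "End"
    report = {"framed": framed, "directives": [], "entries": defaultdict(list),
              "drivers": [], "paths": [], "unknown": []}
    for ln in (lines[1:-1] if framed else lines):
        if m := DIRECTIVE.match(ln):
            report["directives"].append(m.group(1))
        elif m := LABELLED.match(ln):
            report["entries"][m.group(1)].append(m.group(2))
        elif m := DRIVER.match(ln):
            report["drivers"].append((m.group(1), m.group(2)))
        elif m := FILE_ENTRY.match(ln):
            kind = "folder" if m.group(1).endswith("D") else "file"
            report["paths"].append((kind, m.group(2)))
        else:
            report["unknown"].append(ln)  # anything unrecognised needs a human look
    return report

if __name__ == "__main__":
    for key, value in review_fixlist(SAMPLE).items():
        print(f"{key}: {dict(value) if key == 'entries' else value}")
```

Lines that land in `unknown`, or a missing Start/End frame, are the ones to query with the helper before running the fix.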
