Please check my log, I can't find the infection.

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Please check my log, I can't find the infection.

#16 Post by Jeff Scylla

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by HELLBOX-i7 (administrator) on HELLBOX-I7-PC (Micro-Star International Co., Ltd. MS-7B17) (06-12-2022 08:42:18)
Running from D:\D\2022- aJeS
Loaded Profiles: HELLBOX-i7 & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\HELLBOX-i7\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\GlassWire\GWCtlSrv.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\LGHUB\lghub_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe ->) (Google LLC -> Google LLC) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe <22>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (3 APPES Ltd.) [File not signed] C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe
(explorer.exe ->) (AMSTION LIMITED -> ) C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe
(explorer.exe ->) (iMobie Inc. -> iMobie Inc.) C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (TCB Networks -> ) F:\Program Files (x86)\StrokeIt\strokeit.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [StrokeIt] => F:\Program Files (x86)\StrokeIt\strokeit.exe [24712 2009-06-16] (TCB Networks -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [SoundLock] => C:\Program Files (x86)\3 APPES\Sound Lock\SoundLock.exe [605184 2012-05-28] (3 APPES Ltd.) [File not signed]
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32703440 2022-11-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Google Update] => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife.exe [1403880 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Axife Task Manager Standard] => C:\Users\HELLBOX-i7\AppData\Roaming\Axife Standard\Axife-TaskMgr.exe [1085944 2019-01-02] (AMSTION LIMITED -> )
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-11-07] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [Opera Browser Assistant] => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4152776 2022-10-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [LogMessager2022] => C:\Users\HELLBOX-i7\AppData\Roaming\Canon\CNQ.exe [5606064 2022-11-06] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [AviraOE] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\Avira.exe [1104304 2017-06-29] (iMobie Inc. -> iMobie Inc.)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10554760 2022-11-13] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\RunOnce: [Application Restart #0] => C:\Users\HELLBOX-i7\AppData\Roaming\imageclass\chrome\worker.exe [3133720 2022-12-02] (Google LLC -> Google LLC)
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {40022121-105c-11ea-973d-806e6f6e6963} - "rundll32.exe" url,FileProtocolHandler index.html
HKU\S-1-5-21-469362532-771386427-3435094161-1000\...\MountPoints2: {93605704-ba78-11eb-93e5-dc7196456518} - "H:\DTLplus_Launcher.exe"
HKLM\...\Windows x64\Print Processors\Epson Laser01: C:\Windows\System32\spool\prtprocs\x64\EP0LPP01.DLL [41472 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.95\Installer\chrmstp.exe [2022-12-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-03-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FuzeTV.lnk [2021-06-30]
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00649874-8E50-4E19-9D62-14B786842DF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000UA => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {01CC0170-2A71-4B6E-A87C-79D5D5E81740} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469362532-771386427-3435094161-1000Core => C:\Users\HELLBOX-i7\AppData\Local\Google\Update\GoogleUpdate.exe [156232 2021-12-04] (Google LLC -> Google LLC)
Task: {093540A7-7E09-487C-8924-4333E03F7955} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0A3589E8-BE07-40A4-B41E-12EC007CAA9E} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615918871 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-23] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {198B651A-FF4E-4D77-8276-F13FEF181440} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {238F307D-357E-4B68-B0B2-B79F152BAE67} - System32\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {31E23169-6348-4E95-A020-8C20F8339BEF} - System32\Tasks\Opera GX scheduled Autoupdate 1582841240 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\launcher.exe [2505160 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {342194ED-728E-45E8-8778-8A715A414AF5} - System32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {35117699-39D3-425C-A92D-7C6B8D43BBB7} - System32\Tasks\CCleanerSkipUAC - HELLBOX-i7 => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3E87797D-116A-43BF-95C0-4A386CC37B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4323C4FB-C891-49C9-A1F4-F4EA3EEAE159} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {492400B1-914C-4795-87F5-C4306B4A1ECA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {566805D1-0A9C-4E64-B1C9-CDE327EF9C63} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {57617A94-4DD7-4D38-AC60-BF6E149DC757} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6214B605-8FA9-424E-A32C-B94FF876B73D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6691F020-1AC0-4103-AAF9-B3678736512F} - System32\Tasks\Opera scheduled Autoupdate 1582668926 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software)
Task: {735B58B2-07FB-4400-A01B-B731BEDDF0CE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79897F47-9AF9-49C9-AC17-A8245B8C8B6E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8066F237-E75D-4F5C-8B5B-42D0F0BE1E69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -check pepperplugin (No File)
Task: {89651C0F-E78B-42AF-8E06-A6A2D634FED6} - System32\Tasks\AdobeAAMUpdater-1.0-HELLBOX-i7-PC-HELLBOX-i7 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {91AB3C08-4A65-480A-A111-CC820C6921A4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {94412E76-A075-4CE9-AF4A-10A2C88CCE69} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {99D05795-9A4D-475D-8516-4F1F604F498B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A1FB372-EC89-4679-A4FF-D725146ECEA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {9A89A347-0FD7-43EA-91E7-EF55505D9DBC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2887047f-881f-41f5-8593-6f734bd61f79" --version "6.06.10144" --silent
Task: {A18105A5-015F-4C1B-A40E-800AC631B1BF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-09-17] () [File not signed]
Task: {A7F0F3B0-E41E-4219-880E-E98291C8B3EB} - System32\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000 => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B97A38AF-2D5E-477D-BA66-6B4F6B3CA3F8} - System32\Tasks\VideoStudioUpdater2020 => C:\Program Files\Corel\Corel VideoStudio 2020\VSNotification.exe [669320 2020-06-18] (Corel Corporation -> )
Task: {BE2F09CB-65A5-4BE8-9140-47E376056DCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1162D02-DADA-4965-8947-27ED8DA7C479} - System32\Tasks\Opera scheduled assistant Autoupdate 1582668930 => C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C1C7C06B-FFDF-453B-AE2E-526D62628285} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C641E526-ACDE-4CDE-B890-9AFFDB1A4291} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {C7499500-496D-4B94-8042-F21F45C9E269} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9F9C924-3163-42A6-834E-3DE25445432D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {F451D1E3-CBDA-4944-AE2E-97E7EC7A0F09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-25] (Google LLC -> Google LLC)
Task: {F6A56407-085E-458C-A0AA-46FEC6BF2FE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD214FBF-14C3-4E64-820D-3120394ADA19} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\program files (x86)\microsoft visual studio\installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-07-16] (Microsoft Corporation -> Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-469362532-771386427-3435094161-1000.job => C:\Users\HELLBOX-i7\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6073f01f-4650-4db8-b762-f40eaf0fad9c}: [DhcpNameServer] 10.41.0.1
Tcpip\..\Interfaces\{f07e9e9c-ce9a-4c2a-881e-f986d7d6bef1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\HELLBOX-i7\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\HELLBOX-i7\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-05]
Edge DownloadDir: Default -> C:\Users\HELLBOX-i7\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default [2022-12-06]
CHR DownloadDir: C:\Users\HELLBOX-i7
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cs.soringpcrepair.com; hxxps://en.savefrom.net; hxxps://message.alibaba.com; hxxps://mrak.pirati.cz; hxxps://www.facebook.com; hxxps://www.gfinityesports.com; hxxps://www2.push-news.org; hxxps://zulip.pirati.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.yessearches.com/?ts=AHEpA3YtAX4pC0..&uid=F875C13EBB2C40E3EBCD5911F97AEDA4&ptid=cos&mode=nnnb"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Audiotool) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2020-08-12]
CHR Extension: (Hudba Google Play) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-11-20]
CHR Extension: (Work Offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjdagaoojgeilcobhibkgbodajcojda [2021-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Eml Manager) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjpnegahhmlieielkpdoifigpdfnnkk [2020-08-12]
CHR Extension: ( Best VPN for Chrome by uVPN) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2021-12-10]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2022-06-01]
CHR Extension: (Sketchpad) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2020-08-12]
CHR Extension: (KML, KMZ Viewer with Drive) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbolhellljccdahaeelobbojpfdgjgco [2021-11-18]
CHR Extension: (Map of the Earth) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-08-12]
CHR Extension: (Norton Safe) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2020-08-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Ads Killer Adblocker Plus) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbllmbdjgcalkoimdfcpknbjgnhjclg [2020-08-12]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2020-08-12]
CHR Extension: (Privacy Badger) - C:\Users\HELLBOX-i7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2022-09-30]

Opera:
=======
OPR Profile: C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable [2022-12-06]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... tpsf=openc
OPR Extension: (Rich Hints Agent) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-27]
OPR Extension: (Opera Wallet) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HELLBOX-i7\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
StartMenuInternet: (HKU\S-1-5-21-469362532-771386427-3435094161-1000) Opera GXStable - "C:\Users\HELLBOX-i7\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [605096 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-06] (Epic Games Inc. -> Epic Games, Inc.)
R2 Fluke Connect Patch Service; C:\Program Files (x86)\Fluke\Fluke Connect\ExistingMeasurementSyncService.exe [11776 2021-10-01] () [File not signed]
R2 Fluke Connect Sync Service; C:\Program Files (x86)\Fluke\Fluke Connect\DesktopSyncService.exe [15872 2021-10-01] () [File not signed]
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7769992 2022-11-13] (GlassWire -> SecureMix LLC)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-11-07] (Logitech Inc -> Logitech, Inc.)
R2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269104 2018-05-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2021-02-24] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Rockstar Service; F:\GAMEs\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15110968 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdsig.inf_amd64_5bcaff6c9e313cf1\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60328 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [608464 2022-06-16] (Intel Corporation -> Intel Corporation)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
S3 ibtavflt; C:\WINDOWS\System32\drivers\ibtavflt.sys [32712 2014-07-25] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-29] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-07] (Logitech Inc -> Logitech)
R2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
R3 MpKsl768ef3c2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F4F492F-DCFE-4264-9963-E134136A61CA}\MpKslDrv.sys [214280 2022-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 RDID1142; C:\WINDOWS\system32\Drivers\RDWM1142.SYS [212352 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-05-26] (WireGuard LLC -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-05 21:45 - 2022-12-05 21:45 - 052306832 _____ (Piriform Software Ltd) C:\Users\HELLBOX-i7\Downloads\ccsetup606.exe
2022-12-05 21:45 - 2022-12-05 21:45 - 052306832 _____ (Piriform Software Ltd) C:\Users\HELLBOX-i7\Downloads\ccsetup606 (1).exe
2022-12-05 17:07 - 2022-12-06 08:41 - 000000000 ____D C:\Program Files\CCleaner
2022-12-05 17:07 - 2022-12-05 17:13 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-05 17:07 - 2022-12-05 17:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-05 17:07 - 2022-12-05 17:07 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-05 17:07 - 2022-12-05 17:07 - 000002920 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - HELLBOX-i7
2022-12-05 17:07 - 2022-12-05 17:07 - 000000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-12-05 17:07 - 2022-12-05 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-12-05 16:48 - 2022-12-05 16:48 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bluestack
2022-12-05 15:41 - 2022-12-05 15:41 - 000000000 ____D C:\Program Files\7-Zip
2022-12-05 07:48 - 2022-12-06 08:40 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\imageclass
2022-12-05 07:48 - 2022-12-05 16:47 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Bravia
2022-12-04 18:04 - 2022-12-05 17:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-12-04 18:03 - 2022-12-04 18:03 - 000000000 ____D C:\Program Files\Common Files\AV
2022-12-04 17:22 - 2022-12-05 17:02 - 000000000 ____D C:\ProgramData\NortonInstaller
2022-12-04 17:15 - 2022-12-04 17:15 - 000001611 _____ C:\Users\HELLBOX-i7\Desktop\Norton Download Manager.lnk
2022-12-04 17:15 - 2022-12-04 17:15 - 000001424 _____ C:\Users\HELLBOX-i7\Desktop\Norton Installation Files.lnk
2022-12-04 17:15 - 2022-12-04 17:15 - 000000000 ____D C:\Users\Public\Downloads\Norton
2022-12-04 15:25 - 2022-10-19 02:28 - 008817264 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys
2022-12-04 15:25 - 2022-10-19 02:28 - 002686148 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat
2022-12-04 15:25 - 2022-10-19 02:28 - 001677376 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2022-12-04 12:47 - 2022-12-06 08:42 - 000000000 ____D C:\FRST
2022-12-04 10:53 - 2022-12-05 17:05 - 000000000 ____D C:\ProgramData\Norton
2022-12-04 10:53 - 2022-12-05 16:47 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NPE
2022-12-03 23:04 - 2022-12-04 12:46 - 1844010503 _____ C:\Users\HELLBOX-i7\Tulsa.King.S01E03 CZtit V OBRAZE 1080p.mkv
2022-12-01 10:06 - 2022-12-01 10:06 - 000110568 _____ C:\Users\HELLBOX-i7\ExpensiveHi-Fi.wsz
2022-11-25 15:21 - 2022-11-25 15:21 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Hentai Empire
2022-11-23 11:11 - 2022-11-23 11:11 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Kotovodk Studio
2022-11-22 23:25 - 2022-11-22 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\SexChess
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Goldberg SteamEmu Saves
2022-11-22 21:46 - 2022-11-22 21:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\IR Studio
2022-11-21 17:25 - 2022-11-21 17:25 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\AdobeUM
2022-11-21 17:24 - 2022-11-21 17:24 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\My eBooks
2022-11-21 16:56 - 2022-11-13 13:23 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-11-21 16:56 - 2022-11-13 13:23 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-21 16:55 - 2022-11-15 06:53 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001444408 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-21 16:55 - 2022-11-15 06:53 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001532424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 001191936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000851480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000671792 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-21 16:55 - 2022-11-15 06:49 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 002162688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 001618936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-21 16:55 - 2022-11-15 06:48 - 000738312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-21 16:55 - 2022-11-15 06:48 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 012453896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 010220552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005891080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005857280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 005817336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-21 16:55 - 2022-11-15 06:47 - 000458240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-21 16:55 - 2022-11-15 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-21 16:55 - 2022-11-15 06:45 - 006511856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-21 16:55 - 2022-11-13 13:23 - 000100633 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-20 08:11 - 2022-12-05 16:57 - 000000000 ____D C:\Program Files (x86)\GlassWire
2022-11-20 08:11 - 2022-11-20 08:12 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\glasswire
2022-11-20 08:11 - 2022-11-20 08:11 - 000001977 _____ C:\Users\Public\Desktop\GlassWire.lnk
2022-11-20 08:11 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2022-11-20 08:11 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2022-11-20 08:10 - 2022-11-20 08:11 - 000000000 ____D C:\ProgramData\glasswire
2022-11-20 07:39 - 2022-11-20 07:39 - 000000000 ___HD C:\$WinREAgent
2022-11-16 22:55 - 2022-11-16 23:28 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\BoneTown.The.Second.Coming.Edition.v18.10.2021
2022-11-13 08:43 - 2022-11-13 12:43 - 000000000 ____D C:\Program Files\RUXIM
2022-11-12 13:05 - 2022-11-12 13:05 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-12 13:05 - 2022-11-12 13:05 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-12 09:38 - 2022-11-12 09:38 - 000001402 _____ C:\Users\HELLBOX-i7\Desktop\Cyberpunk 2077.lnk
2022-11-11 23:58 - 2022-11-11 23:57 - 000006557 _____ C:\Users\HELLBOX-i7\Desktop\Fortnite.lnk
2022-11-11 23:15 - 2022-11-11 23:15 - 001427176 _____ (Google LLC) C:\Users\HELLBOX-i7\Downloads\ChromeSetup.exe
2022-11-11 12:04 - 2022-12-06 08:39 - 161480704 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-11-11 12:00 - 2022-11-11 12:04 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-11-07 11:40 - 2022-11-07 11:40 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-11-07 11:40 - 2022-11-07 11:40 - 000000000 ____D C:\Program Files\LGHUB
2022-11-06 13:37 - 2022-11-06 13:37 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Canon

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-06 08:41 - 2020-02-25 19:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-06 08:40 - 2022-10-03 16:22 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\LGHUB
2022-12-06 08:40 - 2022-10-02 17:14 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\LGHUB
2022-12-06 08:40 - 2022-08-11 18:50 - 000003148 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-12-06 08:40 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-06 08:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-06 08:39 - 2020-12-01 08:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-06 08:39 - 2020-12-01 08:40 - 000818040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-06 08:39 - 2020-12-01 08:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-06 08:39 - 2020-03-27 09:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-06 08:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-06 08:39 - 2019-11-30 23:25 - 000000000 ____D C:\Users\HELLBOX-i7\Documents\Assassin's Creed Unity
2022-12-06 08:38 - 2022-08-15 10:47 - 000000000 ____D C:\Users\DefaultAppPool
2022-12-06 08:38 - 2020-07-21 22:55 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\Temp
2022-12-06 08:28 - 2020-12-01 08:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-06 00:41 - 2020-12-01 02:08 - 000000000 ____D C:\Users\HELLBOX-i7
2022-12-05 23:33 - 2020-09-05 12:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-12-05 17:20 - 2020-12-01 08:43 - 001990828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-05 17:20 - 2019-12-07 15:43 - 000815054 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-05 17:20 - 2019-12-07 15:43 - 000189812 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-05 17:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-05 17:10 - 2021-06-02 06:47 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-05 17:10 - 2020-08-06 19:09 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\uTorrent
2022-12-05 17:10 - 2020-03-07 16:39 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\CrashDumps
2022-12-05 17:04 - 2021-10-07 22:43 - 000000000 ____D C:\a
2022-12-05 17:03 - 2020-02-25 20:41 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\D3DSCache
2022-12-05 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-05 17:03 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-12-05 16:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-05 16:47 - 2020-03-06 18:43 - 000000000 ____D C:\Program Files (x86)\ACD Systems
2022-12-05 16:39 - 2020-12-01 17:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\vlc
2022-12-05 15:57 - 2021-12-04 09:34 - 000002624 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2022-12-05 15:57 - 2021-12-04 09:34 - 000002587 _____ C:\Users\HELLBOX-i7\Desktop\Google Chrome Canary.lnk
2022-12-05 15:46 - 2020-02-25 19:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-05 15:45 - 2020-02-26 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-05 15:44 - 2020-07-20 22:52 - 000000000 ____D C:\Program Files\dotnet
2022-12-05 15:42 - 2021-01-08 21:00 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2022-12-05 15:42 - 2021-01-08 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-12-05 15:41 - 2020-12-01 17:16 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-12-05 15:41 - 2020-02-17 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-12-05 15:40 - 2020-07-15 08:02 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2022-12-05 15:40 - 2020-07-15 08:02 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Notepad++
2022-12-05 15:40 - 2020-07-15 08:02 - 000000000 ____D C:\Program Files (x86)\Notepad++
2022-12-05 13:03 - 2022-05-07 09:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-ABB11EE91E664D088EA2CFB6CE1DF05A
2022-12-04 23:11 - 2020-12-01 08:46 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-12-04 20:15 - 2020-12-01 08:46 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1582841240
2022-12-04 20:15 - 2020-02-27 23:07 - 000001568 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2022-12-04 19:51 - 2020-12-01 08:46 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1582668926
2022-12-04 19:51 - 2020-02-25 23:15 - 000001539 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-12-04 18:07 - 2020-02-26 17:47 - 000000000 ____D C:\Program Files (x86)\BSPlayer
2022-12-04 10:45 - 2020-06-10 06:46 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-04 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-02 09:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 08:37 - 2020-03-28 13:50 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ElevatedDiagnostics
2022-11-29 19:46 - 2020-06-23 10:43 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Winamp
2022-11-29 00:41 - 2022-09-28 15:08 - 000000000 ____D C:\b
2022-11-24 09:10 - 2021-10-30 22:22 - 000005388 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000004287 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000003574 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2022-11-24 09:10 - 2021-10-30 22:22 - 000001432 _____ C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2022-11-22 23:25 - 2020-03-03 19:17 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\UnrealEngine
2022-11-22 23:05 - 2022-05-22 22:46 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\LocalLow\DefaultCompany
2022-11-21 17:25 - 2020-05-24 09:40 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Adobe
2022-11-21 17:24 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Roaming\Adobe
2022-11-21 17:04 - 2020-02-26 23:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\NVIDIA
2022-11-21 17:04 - 2020-02-25 18:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-11-21 16:58 - 2020-12-01 08:46 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:58 - 2020-12-01 08:46 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-12-01 08:46 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-21 16:57 - 2020-02-26 23:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-11-21 16:57 - 2020-02-25 19:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-11-20 08:11 - 2019-11-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\06-SYSTEM TOOLs
2022-11-20 07:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-18 20:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-18 20:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-15 06:45 - 2020-10-09 18:22 - 007643384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-11-13 13:23 - 2021-04-16 22:06 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-11-13 13:23 - 2020-10-09 18:22 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-11-13 13:23 - 2020-02-26 23:10 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-11-13 13:23 - 2020-02-26 23:10 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000169512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000148520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2022-11-13 13:23 - 2020-02-26 23:09 - 000059368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2022-11-13 13:23 - 2020-02-26 23:09 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-11-12 13:05 - 2020-12-01 08:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-12 13:05 - 2019-11-25 11:23 - 000415688 __RSH C:\bootmgr
2022-11-11 21:28 - 2020-07-26 14:57 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-11 21:28 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-11-11 21:28 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2022-11-11 21:28 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\system32\cs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Containers
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-11-11 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\Services
2022-11-11 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-11-11 21:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-11-10 22:33 - 2020-02-25 19:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 15:50 - 2020-02-26 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 15:47 - 2020-02-26 00:30 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 07:41 - 2020-12-01 08:46 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-08 07:41 - 2020-12-01 08:46 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 18:32 - 2020-02-25 19:10 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\PlaceholderTileLogoFolder
2022-11-06 18:32 - 2020-02-25 19:07 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\Packages

==================== Files in the root of some directories ========

2021-09-04 07:37 - 2021-09-04 07:37 - 001429243 _____ (PolySoft Solutions ) C:\Users\HELLBOX-i7\FreeFLACToMP3Converter.exe
2020-10-11 12:27 - 2022-09-29 16:57 - 000011861 _____ () C:\Program Files (x86)\unins000.dat
2022-09-29 16:57 - 2022-09-29 16:56 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
2020-08-31 16:34 - 2020-09-07 18:47 - 000000799 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\HELLBOX-I7-PC.MTBF.txt
2021-10-30 22:22 - 2022-11-24 09:10 - 000003574 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000005388 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000001432 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2021-10-30 22:22 - 2022-11-24 09:10 - 000004287 _____ () C:\Users\HELLBOX-i7\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2022-02-20 16:40 - 2022-02-21 16:42 - 000005632 _____ () C:\Users\HELLBOX-i7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-31 15:39 - 2020-08-31 15:39 - 000000098 _____ () C:\Users\HELLBOX-i7\AppData\Local\fusioncache.dat
2020-09-05 11:58 - 2020-09-05 11:58 - 000000410 _____ () C:\Users\HELLBOX-i7\AppData\Local\oobelibMkey.log
2020-08-17 18:12 - 2020-08-17 18:12 - 000000017 _____ () C:\Users\HELLBOX-i7\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Attachments
Addition.zip
(36.87 KiB) Downloaded 23 times

JaRon
Moderator
Posts: 15192
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I can't find the infection.

#17 Post by JaRon »

After the action I need fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Jeff Scylla
Visitor
Posts: 10
Registered: 03 Dec 2022 13:39

Re: Prosím o kontrolu logu, nemohu najít nákazu.

#18 Příspěvek od Jeff Scylla »

sry posílám. po fix se to vrátilo zpět na počátek t.j. problém nezmizel zxcela ale nebylo to tolik časté. Při spuštění FRST64 vyhodí vždy okno Failed to update. Nic to prostě nechce pustit ven ačkoliv přístup na weby funguje. Dále je podezřelé že po spuštění PC najdu ve správci úloh spuštěných mnoho instanci Chromu ačkoliv ho ještě nemám spuštěný. a na liště se to ukazuje jedno okno s názvem po posledním aktivním okně. minule po stažení Ccleaneru to dokonce průběžně otevíralo okno na uložení instalačního souboru neustále dokola.
FIXLOG:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by HELLBOX-i7 (06-12-2022 08:38:22) Run:1
Running from D:\D\2022- aJeS
Loaded Profiles: HELLBOX-i7 & DefaultAppPool
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Intel:err [1122]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [492]
FirewallRules: [UDP Query User{16D43D9C-EE82-488D-834A-1A12B7368B86}C:2\games\the ball\binaries\win32\theball.exe] => (Allow) C:2\games\the ball\binaries\win32\theball.exe => No File
FirewallRules: [TCP Query User{68AF264D-F7D5-4FA8-9FEB-D8B1C967043B}C:2\games\the ball\binaries\win32\theball.exe] => (Allow) C:2\games\the ball\binaries\win32\theball.exe => No File
FirewallRules: [{B9EA81DD-C2DC-4B08-BB9F-D327AC9E0B65}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe => No File
FirewallRules: [{32AA99D6-BB5A-4CE7-B5C2-052696535D89}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{fece6c5c-7ecc-43c8-b1a5-d3ccd063a58a}\6e67c6c8.exe => No File
FirewallRules: [{122CDE30-BE77-4137-B37C-1ED2309FFD5C}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{e2603c3b-7692-4964-8963-3acce05a84c7}\9a3ecb27.exe => No File
FirewallRules: [{39806F34-3F34-4380-B216-464CA965FC36}] => (Block) c:\users\hellbox-i7\appdata\local\temp\{e2603c3b-7692-4964-8963-3acce05a84c7}\9a3ecb27.exe => No File
FirewallRules: [{36C1185B-245B-433C-BDA6-DF998579C844}] => (Block) c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\ngc_22.22.10.9\npe.exe => No File
FirewallRules: [{E4EC3A2C-23E4-4ABA-8ED7-68DD4C0D384B}] => (Block) c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\ngc_22.22.10.9\npe.exe => No File
ShortcutTarget: FuzeTV.lnk -> C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe (No File)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]
S3 MpKsl4861d3f8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]
S3 MpKsla6c59e88; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BB3F3779-010F-4E5E-A68A-32BBE4B9FEB8}\MpKslDrv.sys [X]
2022-12-03 13:02 - 2022-12-04 16:52 - 000000000 ____D C:\KVRT2020_Data
2022-12-03 12:53 - 2022-12-03 12:53 - 000001434 _____ C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-03 12:53 - 2022-12-03 12:53 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\ESET
2022-12-03 12:49 - 2022-12-04 10:44 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\FSDART
2022-12-03 12:49 - 2022-12-03 12:51 - 000000000 ____D C:\ProgramData\F-Secure
2022-12-03 12:49 - 2022-12-03 12:49 - 000000000 ____D C:\Users\HELLBOX-i7\AppData\Local\F-Secure


EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Intel => ":err" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{16D43D9C-EE82-488D-834A-1A12B7368B86}C:2\games\the ball\binaries\win32\theball.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68AF264D-F7D5-4FA8-9FEB-D8B1C967043B}C:2\games\the ball\binaries\win32\theball.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9EA81DD-C2DC-4B08-BB9F-D327AC9E0B65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32AA99D6-BB5A-4CE7-B5C2-052696535D89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{122CDE30-BE77-4137-B37C-1ED2309FFD5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39806F34-3F34-4380-B216-464CA965FC36}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36C1185B-245B-433C-BDA6-DF998579C844}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4EC3A2C-23E4-4ABA-8ED7-68DD4C0D384B}" => removed successfully
"C:\Users\HELLBOX-i7\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2534\plugins\agent\FuzeTV.exe" => not found
HKLM\System\CurrentControlSet\Services\cpuz149 => removed successfully
cpuz149 => service removed successfully
MpKsl4861d3f8 => service not found.
MpKsla6c59e88 => service not found.
C:\KVRT2020_Data => moved successfully
C:\Users\HELLBOX-i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => moved successfully
C:\Users\HELLBOX-i7\AppData\Local\ESET => moved successfully
C:\Users\HELLBOX-i7\AppData\Local\FSDART => moved successfully
C:\ProgramData\F-Secure => moved successfully
C:\Users\HELLBOX-i7\AppData\Local\F-Secure => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11697233 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 552050337 B
Windows/system/drivers => -3225416305 B
Edge => 98829 B
Chrome => 202633584 B
Firefox => 0 B
Opera => 67286464 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 122873 B
LocalService => 122873 B
NetworkService => 127783 B
HELLBOX-i7 => 196602897 B
DefaultAppPool => 196602897 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:38:55 ====

JaRon
Moderator
Posts: 15192
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I cannot find the infection.

#19 Post by JaRon »

1. As a precaution, run from the command line as administrator:
sfc /scannow
2. Test the PC with AdwCleaner - post the log here
3. Test the PC with MBAM - post the info here
4. Check the router settings
5. Turn off the FW for a short time
6. Is everything OK in Device Manager?