Which app's process is this

He is running privacy/performance tweaks script which modify core windows system files, I really doubt his pc is having any corporate control.
Yes, I agree with your assessment. Though some corporates don't control*, they just ask you to do work for which you need these special applications like those from Adobe etc. Many of these applications don't have manners.

* E.g. Google, some orgs within Apple and IBM give their employees a lot of freedom.
 
Look, this is getting you nowhere. Either you are ok with MB and KVRT saying there's no infection, in which case you don't need to reinstall windows at all. Or you don't believe the tools, there IS an infection, and you should COMPLETELY nuke everything in your SSD/HDD and reinstall from scratch without copying anything.

No one here knows anything about how your system is setup, and personally I don't think these files are something you need to worry about. But if you want to be _sure_, you have no other option but to reinstall windows from scratch.
 
Look, this is getting you nowhere. Either you are ok with MB and KVRT saying there's no infection, in which case you don't need to reinstall windows at all. Or you don't believe the tools, there IS an infection, and you should COMPLETELY nuke everything in your SSD/HDD and reinstall from scratch without copying anything.

No one here knows anything about how your system is setup, and personally I don't think these files are something you need to worry about. But if you want to be _sure_, you have no other option but to reinstall windows from scratch.
Well, this issue aside, he actually has an annoying search related problem on this very install that has lingered for months. He hasn't been able to fix his broken search despite his finest efforts.

Any further effort in this direction is a waste of time. Nuking and reinstalling is the wise decision here.
 
Well, this issue aside, he actually has an annoying search related problem on this very install that has lingered for months. He hasn't been able to fix his broken search despite his finest efforts.

Any further effort in this direction is a waste of time. Nuking and reinstalling is the wise decision here.
I have a feeling that issue is due to something being disabled using O&O shutup 10 or similar.

format, re-install, change all your passwords
Mind giving a reason or what you're basing that on? Otherwise it's not very helpful.
 
At this point I would nuke C: drive and reinstall windows just to be safe. If you still care about it then give these software a try.
ADWcleaner by malwarebytes
Malwarebytes AV
RKILL
HitmanPro Trial (otherwise its a paid software)
They can be found on www.bleepingcomputer.com or any trusted malware security website.
Running all of these one by one until none shows any detection will work. Then do "sfc /scannow" in cmd prompt (run as admin) to verify windows files.
 
  • Like
Reactions: becool773
Since you are using this machine for work, could even be some badly behaved corporate application that is creating and running these files. E.g. one guy had Adobe Acrobat create hexadecimal named files right in their drive root : https://superuser.com/questions/160...-with-hex-names-that-show-up-in-my-drive-root


Not only Adobe, many other corporate darling applications, including scripts by internal IT team are badly behaved i.e. create suspicious files and don't clean up properly.

Check the creation times of these files, and what you were doing around that time. Maybe write a script to check that folder for files every minute. Also stop posting the hexadecimal name on the internet, because it might encode some information about you or your employer.
No no bro just using o&o10 and other softwares to stop windows from that ads and telemetry shit.
Sorry for asking what info can the hexadecimal name leak?
@guest_999 @rootyme
Have c drive and d drive in this drive. Do I need to format the whole drive or only reinstallation of windows in c drive enough?
Most important question as malwarebytes and kvrt are saying that all files are clean, so is it safe to copy the important files and folders elsewhere?
 
Have c drive and d drive in this drive. Do I need to format the whole drive or only reinstallation of windows in c drive enough?
Only C drive, I posted a link earlier about a guide to fresh install windows 11.

Most important question as malwarebytes and kvrt are saying that all files are clean, so is it safe to copy the important files and folders elsewhere?
You can but check all those files & folders again with avast, kaspersky & bitdefender trial versions just to be sure.
 
  • Like
Reactions: rootyme
Only C drive, I posted a link earlier about a guide to fresh install windows 11.


You can but check all those files & folders again with avast, kaspersky & bitdefender trial versions just to be sure.
+ @rootyme

Thanks for all the help. Will reformat and get back. Check with rkill and got this btw
Windows Version: Windows 10 Home

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Automatic Updates Disabled

[HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate" = dword:00000001

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.