Prosím o kontrolu

Zpráva

rc3 · #1 Příspěvek od **rc3** » 29 říj 2020 11:39

Zdravím, mám problém s velmi vysokou odchozí aktivitou (internet), kterou ohlásil Norton. Prosím o kontrolu logů jestli je něco v nepořádku. Asi souvisejícím problémem je mizející Správce úloh který musím ručně povolovat v registrech po každém restartu systému. Předem díky za pomoc.

https://webshare.cz/#/file/VuKGa0FwiX/frstaaddition-rar

#2 Příspěvek od **Diallix** » 29 říj 2020 12:00

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

rc3 · #3 Příspěvek od **rc3** » 29 říj 2020 12:10

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-29-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\rC3\AppData\Roaming\Digital Protection Services S.R.L

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\Software\qdu-pr

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\rC3\AppData\Roaming\SAMSUNG\SMART SWITCH PC

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9005 octets] - [06/03/2020 22:47:11]
AdwCleaner[C00].txt - [8053 octets] - [06/03/2020 22:48:15]
AdwCleaner[S01].txt - [1732 octets] - [29/10/2020 12:07:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#4 Příspěvek od **Diallix** » 29 říj 2020 12:12

Poprosim o nove logy FRST + ADDITION.

rc3 · #5 Příspěvek od **rc3** » 29 říj 2020 12:18

https://webshare.cz/#/file/6uSwIt6onT/frst-addi-rar

#6 Příspěvek od **Diallix** » 30 říj 2020 07:04

Na virustotal.com otestujte tento subor: C:\WINDOWS\System32\WScript.exe
Vysledky skopirujte sem.

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\system: [] 
HKU\S-1-5-19\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-20\...\Policies\system: [] 
HKU\S-1-5-20\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\Policies\system: [] 
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\MountPoints2: {a4d7b986-29aa-11ea-a7bf-8c89a5c3911f} - "G:\setup.exe" 
HKU\S-1-5-18\...\Policies\system: [] 
HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
U3 aswbdisk; no ImagePath
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7758v2D0\NTIOLib_X64.sys [X]
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-29 12:15 - 2020-06-03 16:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-29 12:15 - 2020-06-03 16:28 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2014-01-06 14:39 - 2014-01-06 14:39 - 000000091 _____ () C:\Users\rC3\AppData\Local\fusioncache.dat
2014-10-23 17:57 - 2014-11-24 14:11 - 000006734 _____ () C:\Users\rC3\AppData\Local\MRDownloader.err
2014-10-23 17:57 - 2014-11-25 09:02 - 000001256 _____ () C:\Users\rC3\AppData\Local\MRDownloader.nast
2018-09-29 20:18 - 2018-09-29 20:18 - 000000000 _____ () C:\Users\rC3\AppData\Local\oobelibMkey.log
2014-06-13 21:40 - 2019-02-07 19:33 - 000007603 _____ () C:\Users\rC3\AppData\Local\resmon.resmoncfg
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
SearchScopes: HKU\S-1-5-21-4100097515-4028972469-563503778-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
FirewallRules: [{F53590AE-9D4E-42A9-8DF8-5A9712D92F23}] => (Allow) LPort=5357
FirewallRules: [{7F10E45C-30F8-4B68-AB18-E75E3CA3EADA}] => (Allow) LPort=1688
FirewallRules: [{D8178572-6A86-4E2B-8C85-1B6929291A1D}] => (Allow) LPort=26675
FirewallRules: [{2DDC6899-95A6-4FD0-B542-A82727E2CC03}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{73E49950-B839-4956-8A70-56E1172A9615}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{B384760C-12C0-433D-A90B-18C3F2A5CDA8}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{EDF90EFD-DBE2-4694-B8FA-627ADAD830C5}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{FB58617E-0E04-437C-8433-DDC6C1D660D6}] => (Allow) D:\Hry\Zoo Tycoon 2\zt.exe => No File
FirewallRules: [{53757953-2259-451E-ACF1-61582FA48A42}] => (Allow) D:\Hry\Zoo Tycoon 2\zt.exe => No File
FirewallRules: [{4F04BA53-054F-47AC-9D47-B93E972BEE95}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{847D19E3-9DD1-40D7-8873-A5C0A4DB4299}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{969A1321-06EA-431F-A067-B1217188943C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{203350ED-9D74-4908-A8EE-355650C1602E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{201A4D2B-72C1-4E65-B532-88DC3CE5C3B5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{21BB4A06-2F9C-475D-8D88-DAF37D03424F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E8580937-F4C6-460E-9C3A-D6484827EE9D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3575CD5D-F79C-4E8C-8265-A18C20F194CF}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3E005203-F834-438C-A9CC-521F6F4CE8BB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CE0002BC-4C68-40C8-82E2-B75EE09DE06D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B41721A8-3F20-4EAB-9FD9-821A63DBC51A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{913DD0FE-8595-4272-A992-1F87CE66D3D6}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3B41C99B-E4E2-4ACB-B8D4-79A01AADBF2F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{D7680A51-2FDA-4B21-B1E9-FBBA4CFD8ED3}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{71873138-70A1-4482-AE03-8534A892AE6E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E056BB27-3B8F-4F48-B36F-840DB1859844}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{52379470-E758-47B3-9EEE-5FD311DC8E03}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{914FFBFB-FE8C-49A7-BDB4-33936326FDFB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A927DCE4-F828-46C9-AF9A-1D8E6E5D73E4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B66092B8-68B6-4E30-B313-C2B2D94D83F9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4FCBE99E-9CD8-4673-ADB0-07C02C66491A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{EB05C28B-D03D-4DBD-9BBC-DF59DC6A351E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{D4C46496-A954-431B-88EA-8602B697B42B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{074036D2-2F1E-4175-A4B4-2E9FCFF9E5DD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9D212E24-E5D1-4D4D-A3B0-5968C2EDC6F5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{47D20283-CF94-483D-B032-040CBEFA7C58}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{68436A8C-522C-4E07-B72E-5BB5C891C135}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{AEF5927F-184C-4498-AA75-B73E1A774D78}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4FE69A32-E29F-438D-BBEC-BD93EA352885}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{523E4B8D-79BB-4054-A396-DBB26554B13D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5CD72E16-17E3-42F1-BF4D-CB1505FE5F45}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{367388DF-C2AD-4E44-B43B-179473B3B9FD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{6D874A14-77D6-4530-8CDC-D91E911B3B88}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F5E78ED0-CCCF-40C7-9C83-5F4D0DA992CB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{71FC1B05-FA58-4964-B739-B5F690D12AD0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3BB7F883-80D3-4DAF-9451-483480E4AE53}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{04B249E9-3E1A-433C-80F4-596D41156C42}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{E155A699-3F1A-4954-8C1B-545F7C726FC2}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{4B40BC5A-4102-4F78-9A70-3958880D874C}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{D0AEAD27-B2EC-4C4A-80CA-07E307F21CD5}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{20E0C955-BEBC-4740-B3E0-0F5D1C05343A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F15D49B6-07FD-4627-93C9-8C2B27003EC8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{BD66EB53-CF17-4FC9-BDC1-7F821A5E310B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{83F04775-5E2E-4D53-987A-707A62E389E7}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{065DBE76-6B94-42CF-9B56-53D338B2B4BC}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{60041397-B5E7-430D-9F5D-44D126DD05E8}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{1F495065-7F98-4AB9-9844-6CB25369B10E}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{C45BBB1E-9419-47DA-8B3A-183E202A23F9}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{190B3418-E1D4-43B0-825E-D38287F37B69}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FEE25EB0-351D-4762-873F-4872EE8AA669}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7AE8B2C5-BFFB-46CA-85E5-0A9B7A5C1039}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{0953BE44-FCB8-4A28-A1BD-8AD3546669AE}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{FD808A00-7223-413B-89D2-B95B74700051}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{99F98F4F-0D90-4992-8296-C9FA3F8E39AF}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{3FED2E26-27E5-4720-BF0E-8FE18EE8A5A8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B90118CB-C22C-4F5C-9CCD-D8ABBABB1B18}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C7B6E095-8EE9-41A1-80DE-0267E73382E0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FC57D040-E9B9-4978-A646-D03074EC78B1}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{11786302-AF6E-482C-A856-0BB385E2AEB4}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{2D18CFCE-56FA-4800-8047-BDFE050937FA}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{5F032020-361E-4D48-B4CF-BD809BDDB329}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{FD9387FE-9A59-4D62-9811-225BC188C198}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

rc3 · #7 Příspěvek od **rc3** » 30 říj 2020 10:12

https://www.virustotal.com/gui/file/f42 ... /detection

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by rC3 (30-10-2020 10:07:08) Run:1
Running from C:\Users\rC3\Desktop
Loaded Profiles: rC3
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-19\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-20\...\Policies\system: []
HKU\S-1-5-20\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\Policies\system: []
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\MountPoints2: {a4d7b986-29aa-11ea-a7bf-8c89a5c3911f} - "G:\setup.exe"
HKU\S-1-5-18\...\Policies\system: []
HKU\S-1-5-18\...\Policies\system: [DisableTaskMgr] 1
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.20.5.39\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
U3 aswbdisk; no ImagePath
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7758v2D0\NTIOLib_X64.sys [X]
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-10-17 15:27 - 2020-10-17 15:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-10-29 12:15 - 2020-06-03 16:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-29 12:15 - 2020-06-03 16:28 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2014-01-06 14:39 - 2014-01-06 14:39 - 000000091 _____ () C:\Users\rC3\AppData\Local\fusioncache.dat
2014-10-23 17:57 - 2014-11-24 14:11 - 000006734 _____ () C:\Users\rC3\AppData\Local\MRDownloader.err
2014-10-23 17:57 - 2014-11-25 09:02 - 000001256 _____ () C:\Users\rC3\AppData\Local\MRDownloader.nast
2018-09-29 20:18 - 2018-09-29 20:18 - 000000000 _____ () C:\Users\rC3\AppData\Local\oobelibMkey.log
2014-06-13 21:40 - 2019-02-07 19:33 - 000007603 _____ () C:\Users\rC3\AppData\Local\resmon.resmoncfg
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
SearchScopes: HKU\S-1-5-21-4100097515-4028972469-563503778-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
FirewallRules: [{F53590AE-9D4E-42A9-8DF8-5A9712D92F23}] => (Allow) LPort=5357
FirewallRules: [{7F10E45C-30F8-4B68-AB18-E75E3CA3EADA}] => (Allow) LPort=1688
FirewallRules: [{D8178572-6A86-4E2B-8C85-1B6929291A1D}] => (Allow) LPort=26675
FirewallRules: [{2DDC6899-95A6-4FD0-B542-A82727E2CC03}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{73E49950-B839-4956-8A70-56E1172A9615}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{B384760C-12C0-433D-A90B-18C3F2A5CDA8}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{EDF90EFD-DBE2-4694-B8FA-627ADAD830C5}] => (Allow) D:\Soft\Vuze\Azureus.exe => No File
FirewallRules: [{FB58617E-0E04-437C-8433-DDC6C1D660D6}] => (Allow) D:\Hry\Zoo Tycoon 2\zt.exe => No File
FirewallRules: [{53757953-2259-451E-ACF1-61582FA48A42}] => (Allow) D:\Hry\Zoo Tycoon 2\zt.exe => No File
FirewallRules: [{4F04BA53-054F-47AC-9D47-B93E972BEE95}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{847D19E3-9DD1-40D7-8873-A5C0A4DB4299}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
FirewallRules: [{969A1321-06EA-431F-A067-B1217188943C}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{203350ED-9D74-4908-A8EE-355650C1602E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{201A4D2B-72C1-4E65-B532-88DC3CE5C3B5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{21BB4A06-2F9C-475D-8D88-DAF37D03424F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E8580937-F4C6-460E-9C3A-D6484827EE9D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3575CD5D-F79C-4E8C-8265-A18C20F194CF}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3E005203-F834-438C-A9CC-521F6F4CE8BB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{CE0002BC-4C68-40C8-82E2-B75EE09DE06D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B41721A8-3F20-4EAB-9FD9-821A63DBC51A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{913DD0FE-8595-4272-A992-1F87CE66D3D6}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3B41C99B-E4E2-4ACB-B8D4-79A01AADBF2F}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{D7680A51-2FDA-4B21-B1E9-FBBA4CFD8ED3}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{71873138-70A1-4482-AE03-8534A892AE6E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{E056BB27-3B8F-4F48-B36F-840DB1859844}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{52379470-E758-47B3-9EEE-5FD311DC8E03}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{914FFBFB-FE8C-49A7-BDB4-33936326FDFB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{A927DCE4-F828-46C9-AF9A-1D8E6E5D73E4}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B66092B8-68B6-4E30-B313-C2B2D94D83F9}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4FCBE99E-9CD8-4673-ADB0-07C02C66491A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{EB05C28B-D03D-4DBD-9BBC-DF59DC6A351E}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{D4C46496-A954-431B-88EA-8602B697B42B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{074036D2-2F1E-4175-A4B4-2E9FCFF9E5DD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{9D212E24-E5D1-4D4D-A3B0-5968C2EDC6F5}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{47D20283-CF94-483D-B032-040CBEFA7C58}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{68436A8C-522C-4E07-B72E-5BB5C891C135}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{AEF5927F-184C-4498-AA75-B73E1A774D78}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{4FE69A32-E29F-438D-BBEC-BD93EA352885}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{523E4B8D-79BB-4054-A396-DBB26554B13D}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{5CD72E16-17E3-42F1-BF4D-CB1505FE5F45}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{367388DF-C2AD-4E44-B43B-179473B3B9FD}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{6D874A14-77D6-4530-8CDC-D91E911B3B88}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F5E78ED0-CCCF-40C7-9C83-5F4D0DA992CB}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{71FC1B05-FA58-4964-B739-B5F690D12AD0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{3BB7F883-80D3-4DAF-9451-483480E4AE53}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{04B249E9-3E1A-433C-80F4-596D41156C42}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{E155A699-3F1A-4954-8C1B-545F7C726FC2}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{4B40BC5A-4102-4F78-9A70-3958880D874C}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{D0AEAD27-B2EC-4C4A-80CA-07E307F21CD5}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{20E0C955-BEBC-4740-B3E0-0F5D1C05343A}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{F15D49B6-07FD-4627-93C9-8C2B27003EC8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{BD66EB53-CF17-4FC9-BDC1-7F821A5E310B}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{83F04775-5E2E-4D53-987A-707A62E389E7}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{065DBE76-6B94-42CF-9B56-53D338B2B4BC}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{60041397-B5E7-430D-9F5D-44D126DD05E8}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{1F495065-7F98-4AB9-9844-6CB25369B10E}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{C45BBB1E-9419-47DA-8B3A-183E202A23F9}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{190B3418-E1D4-43B0-825E-D38287F37B69}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FEE25EB0-351D-4762-873F-4872EE8AA669}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{7AE8B2C5-BFFB-46CA-85E5-0A9B7A5C1039}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{0953BE44-FCB8-4A28-A1BD-8AD3546669AE}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{FD808A00-7223-413B-89D2-B95B74700051}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{99F98F4F-0D90-4992-8296-C9FA3F8E39AF}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{3FED2E26-27E5-4720-BF0E-8FE18EE8A5A8}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{B90118CB-C22C-4F5C-9CCD-D8ABBABB1B18}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{C7B6E095-8EE9-41A1-80DE-0267E73382E0}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{FC57D040-E9B9-4978-A646-D03074EC78B1}] => (Allow) C:\WINDOWS\System32\WScript.exe
FirewallRules: [{11786302-AF6E-482C-A856-0BB385E2AEB4}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{2D18CFCE-56FA-4800-8047-BDFE050937FA}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{5F032020-361E-4D48-B4CF-BD809BDDB329}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{FD9387FE-9A59-4D62-9811-225BC188C198}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File

EmptyTemp:
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-19\...\Policies\system: []" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-20\...\Policies\system: []" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr" => removed successfully
"HKU\S-1-5-21-4100097515-4028972469-563503778-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation" => removed successfully
"HKU\S-1-5-21-4100097515-4028972469-563503778-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-21-4100097515-4028972469-563503778-1000\...\Policies\system: []" => not found
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4d7b986-29aa-11ea-a7bf-8c89a5c3911f} => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-18\...\Policies\system: []" => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\dgderdrv => removed successfully
dgderdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_6 => removed successfully
NTIOLib_1_0_6 => service removed successfully
C:\WINDOWS\system32\DrtmAuth9.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth12.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth11.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth10.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => moved successfully
C:\Users\rC3\AppData\Local\fusioncache.dat => moved successfully
C:\Users\rC3\AppData\Local\MRDownloader.err => moved successfully
C:\Users\rC3\AppData\Local\MRDownloader.nast => moved successfully
C:\Users\rC3\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\rC3\AppData\Local\resmon.resmoncfg => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKU\S-1-5-21-4100097515-4028972469-563503778-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F53590AE-9D4E-42A9-8DF8-5A9712D92F23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F10E45C-30F8-4B68-AB18-E75E3CA3EADA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8178572-6A86-4E2B-8C85-1B6929291A1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DDC6899-95A6-4FD0-B542-A82727E2CC03}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73E49950-B839-4956-8A70-56E1172A9615}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B384760C-12C0-433D-A90B-18C3F2A5CDA8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDF90EFD-DBE2-4694-B8FA-627ADAD830C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB58617E-0E04-437C-8433-DDC6C1D660D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53757953-2259-451E-ACF1-61582FA48A42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F04BA53-054F-47AC-9D47-B93E972BEE95}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{847D19E3-9DD1-40D7-8873-A5C0A4DB4299}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{969A1321-06EA-431F-A067-B1217188943C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{203350ED-9D74-4908-A8EE-355650C1602E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{201A4D2B-72C1-4E65-B532-88DC3CE5C3B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21BB4A06-2F9C-475D-8D88-DAF37D03424F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8580937-F4C6-460E-9C3A-D6484827EE9D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3575CD5D-F79C-4E8C-8265-A18C20F194CF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E005203-F834-438C-A9CC-521F6F4CE8BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE0002BC-4C68-40C8-82E2-B75EE09DE06D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B41721A8-3F20-4EAB-9FD9-821A63DBC51A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{913DD0FE-8595-4272-A992-1F87CE66D3D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B41C99B-E4E2-4ACB-B8D4-79A01AADBF2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7680A51-2FDA-4B21-B1E9-FBBA4CFD8ED3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71873138-70A1-4482-AE03-8534A892AE6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E056BB27-3B8F-4F48-B36F-840DB1859844}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52379470-E758-47B3-9EEE-5FD311DC8E03}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{914FFBFB-FE8C-49A7-BDB4-33936326FDFB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A927DCE4-F828-46C9-AF9A-1D8E6E5D73E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B66092B8-68B6-4E30-B313-C2B2D94D83F9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FCBE99E-9CD8-4673-ADB0-07C02C66491A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB05C28B-D03D-4DBD-9BBC-DF59DC6A351E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4C46496-A954-431B-88EA-8602B697B42B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{074036D2-2F1E-4175-A4B4-2E9FCFF9E5DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D212E24-E5D1-4D4D-A3B0-5968C2EDC6F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47D20283-CF94-483D-B032-040CBEFA7C58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68436A8C-522C-4E07-B72E-5BB5C891C135}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AEF5927F-184C-4498-AA75-B73E1A774D78}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FE69A32-E29F-438D-BBEC-BD93EA352885}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{523E4B8D-79BB-4054-A396-DBB26554B13D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5CD72E16-17E3-42F1-BF4D-CB1505FE5F45}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{367388DF-C2AD-4E44-B43B-179473B3B9FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D874A14-77D6-4530-8CDC-D91E911B3B88}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5E78ED0-CCCF-40C7-9C83-5F4D0DA992CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71FC1B05-FA58-4964-B739-B5F690D12AD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BB7F883-80D3-4DAF-9451-483480E4AE53}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04B249E9-3E1A-433C-80F4-596D41156C42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E155A699-3F1A-4954-8C1B-545F7C726FC2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B40BC5A-4102-4F78-9A70-3958880D874C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0AEAD27-B2EC-4C4A-80CA-07E307F21CD5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20E0C955-BEBC-4740-B3E0-0F5D1C05343A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F15D49B6-07FD-4627-93C9-8C2B27003EC8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD66EB53-CF17-4FC9-BDC1-7F821A5E310B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83F04775-5E2E-4D53-987A-707A62E389E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{065DBE76-6B94-42CF-9B56-53D338B2B4BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60041397-B5E7-430D-9F5D-44D126DD05E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F495065-7F98-4AB9-9844-6CB25369B10E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C45BBB1E-9419-47DA-8B3A-183E202A23F9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{190B3418-E1D4-43B0-825E-D38287F37B69}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEE25EB0-351D-4762-873F-4872EE8AA669}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AE8B2C5-BFFB-46CA-85E5-0A9B7A5C1039}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0953BE44-FCB8-4A28-A1BD-8AD3546669AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD808A00-7223-413B-89D2-B95B74700051}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99F98F4F-0D90-4992-8296-C9FA3F8E39AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3FED2E26-27E5-4720-BF0E-8FE18EE8A5A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B90118CB-C22C-4F5C-9CCD-D8ABBABB1B18}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7B6E095-8EE9-41A1-80DE-0267E73382E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC57D040-E9B9-4978-A646-D03074EC78B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11786302-AF6E-482C-A856-0BB385E2AEB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D18CFCE-56FA-4800-8047-BDFE050937FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F032020-361E-4D48-B4CF-BD809BDDB329}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD9387FE-9A59-4D62-9811-225BC188C198}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 132299008 B
Java, Flash, Steam htmlcache => 410 B
Windows/system/drivers => 5266113 B
Edge => 0 B
Chrome => 569884987 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 156894 B
NetworkService => 156894 B
rC3 => 19217601 B
Terka => 19404882 B
DefaultAppPool => 19404882 B

RecycleBin => 0 B
EmptyTemp: => 740.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:07:25 ====

#8 Příspěvek od **Diallix** » 30 říj 2020 10:16

Ako je na tom pocitac?

rc3 · #9 Příspěvek od **rc3** » 30 říj 2020 10:23

Po fixu a následném restartu zůstal správce úloh přístupný a norton zatím nic nehlásí. Vypadá to že je problém vyřešen, mnohokrát díky za pomoc.

#10 Příspěvek od **Diallix** » 30 říj 2020 14:47

Nemate zac.

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu