Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Proxy skript 127.0.0.1:86

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Sionn89
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 05 kvě 2021 19:35

Proxy skript 127.0.0.1:86

#1 Příspěvek od Sionn89 »

Dobry den.
Potreboval by som od vas pomoct s mensim nesvarom.

Po skumani problemu s nacitavanim Youtube (broken sidepanel, nenacitanie videi atd.) som zistil, ze sa mi v Proxy settings OSka objavil proxy setup skript, so script address http://127.0.0.1:86/
Proxy som smaznul z nasledujucich registrov:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies
Odmazanie obnovilo funkcionalitu YT (a predpokladam i inych webov), bohuzel proxy skript sa po restarte neustale vracia.

ProcMon pri boote mi ukazal len to, ze proxy do AutoConfigURL vzdy pri startupu zpatky nahodi svchost
(C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc)
a to do lokaci:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
HKLM\System\CurrentControlSet\Services\iphlpsvc\Parameters\ProxyMgr\{FA83B550-CF6A-4B62-9170-FB7B04B1BF75}\AutoConfigUrl
HKLM\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies\(Default)

Uprimne nevim jak dlho to tak uz takto pretrvava, problemy sa objavili par tyzdnov dozadu, prvykrat odmazanie proxy skriptu pomohlo, teraz za to neustale vracia.
Spybot S&D mi nieco malo precistil, Malwarebytes nic nenasiel (ten naposledy odmazaval PUP.Optional.Privoxy z %ProgramFiles(x86)%\SystemWin ale to este v 2017), ESET tiez nenasiel nic podstatne.
Bohuzial issue s proxy skriptom po restarte stale pretrvava.

Zaroven je divne, ze inetcpl.cpl mi neumozni editovat LAN settings (managed by admin, i kdyz jsem admin), moze to suvisiet s IE Restriction co nasiel FSRT?

FSRT a Addition logy prikladam do prilohy.
sionn89_1.zip
(116.62 KiB) Staženo 67 x
Budem vdacny za akukolvek pomoc.
Diky mockrat.


[EDIT] - skusil som schvalne ist na IP port co ziskam, vratil sa mi application/x-ns-proxy-autoconfig subor, otvoril som ho v notepade, ma nasledujuci obsah (na IP s portom 83 sa mi uz nevratilo nic.) :

function FindProxyForURL(url, host) {
//Ver:1.0.0.4
if (shExpMatch(url, "*/recaptcha/*")) return "DIRECT";
if (shExpMatch(host, "cse.google.*")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "www.google.*")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "*search.yahoo.com")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "www.bing.*")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "www.amazon.*")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "www.youtube.*")) return "PROXY 127.0.0.1:83";
if (shExpMatch(host, "www.ebay.*")) return "PROXY 127.0.0.1:83";
return "DIRECT";}


[EDIT 2] - resource monitor mi ukazal, ze na portoch 83 a 86 naslucha C:\Program Files (x86)\Common Files\InstallShield\Engine\8\intel 32\iKernel.exe - ten ale scany ESET atd. presiel bez viru. VirusTotal zdetekoval len 2/69, tie 2 nalezy su Generic.mg.10624ff080820515 / TScope.Trojan.MSIL - mozno to bude hlavnym vinnikom? Fake InstallShield assembly?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Proxy skript 127.0.0.1:86

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Sionn89
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 05 kvě 2021 19:35

Re: Proxy skript 127.0.0.1:86

#3 Příspěvek od Sionn89 »

Zdravim, Rudy.
Dekuji, log zde:

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-05-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Sunisoft
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2462 octets] - [05/05/2021 21:54:24]
AdwCleaner[S01].txt - [2523 octets] - [05/05/2021 21:56:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Proxy skript 127.0.0.1:86

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Sionn89
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 05 kvě 2021 19:35

Re: Proxy skript 127.0.0.1:86

#5 Příspěvek od Sionn89 »

Zdravim, Rudy.

Je to teda ono, killnul som ikernel, odstranil exe se subfoldrem, vycistil register, odobral sched.task, a proxy skript je minulostou :) + hajzel si k tomu jeste nahodil fake "Digicert Global Root G1A" medzi RootCA... Takze nuke CAcka a zmazanie vsetkych personal certificates co boli issued tou CA..
Subory mam v kopii bokom, uz som to poslal ESETu ako novy sample, je to zatim blbe, ze to nedetekuje vetsina hlavnych AVs...

Clean teda asi bude o odstraneni bordelu, co po nem ostalo, napr. ten restriction na inetcpl.cpl atd.

Logy zde:
Sionn89_2.zip
(28.08 KiB) Staženo 66 x
Dekuji

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Proxy skript 127.0.0.1:86

#6 Příspěvek od Rudy »

Jistě, bude to o tom. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5777CC80-D97C-4973-B2D7-E2EE9EC8AFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF ProfilePath: C:\Users\Etiainen\AppData\Roaming\Mozilla\Firefox\Profiles\ivievfe7.default [not found] <==== ATTENTION
C:\Users\Etiainen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [109]
FirewallRules: [{223D2F13-0209-4F4E-8550-26D2E541D71B}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\setup.exe => No File
FirewallRules: [{0FA18F28-8181-4670-B0FA-B875862C9538}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\setup.exe => No File
FirewallRules: [{D665CFE4-AAAF-4C72-A675-5E2C29140347}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{9CA057A3-539A-4E6B-B6A7-53AD7D331609}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{7CF8BADD-D5FD-48DC-B679-88C18682C0EB}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\Launcher.exe => No File
FirewallRules: [{28B12CCA-1B6D-49B6-B2A7-B515152263D0}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\Launcher.exe => No File
FirewallRules: [{2D136B19-A58F-424B-9D64-388F4EBD68D6}] => (Allow) D:\Games\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe => No File
FirewallRules: [{E4AB496E-C75F-4B7E-8948-F5C697CB8EA4}] => (Allow) D:\Games\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe => No File
FirewallRules: [{5B971883-38B5-43B2-AFA6-D69138582C71}] => (Allow) D:\Games\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe => No File
FirewallRules: [{ADB19C70-BA1D-42C6-BB08-F4A45F7D5B7C}] => (Allow) D:\Games\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe => No File
FirewallRules: [{7D131751-0788-4275-BE41-017F7D75A934}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{2FF3AA51-5434-40B0-9462-F52D32D57134}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{50EAC000-C7CA-42F8-AA73-07B7DB386A37}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [{EF209682-E7F4-4498-A5BC-4FAD21A8C2C9}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [{8471EA32-2F49-437D-A3C5-B7C8D071C47C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{C71C6939-9A1A-47B1-888B-7A164D0872C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{4282067A-75B9-4116-8A58-323BC781A9DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{26693034-9C75-409F-B887-EA4268C182D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{51125E27-0965-4F3B-A7AB-12A23C617BC3}] => (Allow) D:\Games\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe => No File
FirewallRules: [{77AF504C-74FF-4E0C-BAD7-61F3B43BB54A}] => (Allow) D:\Games\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe => No File
FirewallRules: [{F5ACA3B7-825E-40CA-B379-02AE58AA6F87}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A1B12DB2-F66A-4A93-BF00-66AA1A169E05}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{D4BB83C5-55AA-4A41-AD78-D557253225B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{1DD99989-F2A0-45C5-9474-EEB93D82DE67}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{4067C7D0-9F10-4919-A62A-A44E76744ACF}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{14D87C5D-09B8-4EE1-BB48-10DA72F6617C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{6A7FBA19-84BD-4D49-94BD-BE6F16B4A7AF}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{D43AEFCA-2C16-4C7D-8520-351EAC74D159}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{7BA56C40-7504-494C-BAFE-8304FEC9C276}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{C40009F7-F487-4392-A8DD-E57F5BEF472F}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{09A879E7-C7C5-41F8-9F55-6B43ABD97B36}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{D1006281-25D9-4524-AD66-E351B1F21EBA}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{D086097B-FF10-43F5-8D37-05E83EB5F81A}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{452F6293-2F06-4CC5-BCCE-C2C092B79BBE}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{48EE311B-FD2C-4DD8-B1C9-45B321777E1D}] => (Allow) D:\Games\Watch_Dogs\bin\watch_dogs.exe => No File
FirewallRules: [{EFD4BF96-E4D1-4E2D-B5EC-6CAD434F9A19}] => (Allow) D:\Games\Watch_Dogs\bin\watch_dogs.exe => No File
FirewallRules: [{4DB8E343-20B7-4F68-ABCF-B8B1844B30C4}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe => No File
FirewallRules: [{D6FC876D-3A58-455D-99E4-FAE78CE82DAE}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe => No File
FirewallRules: [{74381A4C-11A6-43EC-BB6F-F102B2EA3C2C}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\Soma.exe => No File
FirewallRules: [{1FF6AEF2-D9D5-420E-A835-BBDD6C4C53EE}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\Soma.exe => No File
FirewallRules: [{81570E2C-C23D-4CA1-A0C9-BE21128A620B}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\ModLauncher.exe => No File
FirewallRules: [{6422CCC3-EAE5-4B2A-8FC0-A485CA49AEB9}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\ModLauncher.exe => No File
FirewallRules: [{A8919AB8-74C3-41EF-982E-97D0F8047C2B}] => (Allow) D:\Games\Steam\steamapps\common\Black Mesa\bms.exe => No File
FirewallRules: [{E625B7A8-DFC2-4E20-9AF9-BEA54DD41E94}] => (Allow) D:\Games\Steam\steamapps\common\Black Mesa\bms.exe => No File
FirewallRules: [{277784C8-3B1F-40B9-8504-6C58A989A148}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F85965B8-79CA-499F-9CCF-446A95476C3D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3CD3387B-9842-4DB7-8C57-497BB0B121AD}] => (Allow) C:\Users\Etiainen\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{831FB275-6477-451C-8658-AC353CD27A8C}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{24CD0D7D-E1BE-432F-99FA-07E625A55AA1}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Sionn89
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 05 kvě 2021 19:35

Re: Proxy skript 127.0.0.1:86

#7 Příspěvek od Sionn89 »

Zdravim,

Fix dokoncen. Zatim jediny negativni impact vidim nutnost znovuvytvorit firefox profil, ale to je par minut :D
Jinka inetcpl.cpl jiz bez omezeni :) Dekuji!

Log zde:
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by Etiainen (07-05-2021 19:09:50) Run:1
Running from C:\Users\Etiainen\Desktop
Loaded Profiles: Etiainen
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {5777CC80-D97C-4973-B2D7-E2EE9EC8AFE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF ProfilePath: C:\Users\Etiainen\AppData\Roaming\Mozilla\Firefox\Profiles\ivievfe7.default [not found] <==== ATTENTION
C:\Users\Etiainen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [109]
FirewallRules: [{223D2F13-0209-4F4E-8550-26D2E541D71B}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\setup.exe => No File
FirewallRules: [{0FA18F28-8181-4670-B0FA-B875862C9538}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\setup.exe => No File
FirewallRules: [{D665CFE4-AAAF-4C72-A675-5E2C29140347}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{9CA057A3-539A-4E6B-B6A7-53AD7D331609}] => (Allow) D:\Games\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{7CF8BADD-D5FD-48DC-B679-88C18682C0EB}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\Launcher.exe => No File
FirewallRules: [{28B12CCA-1B6D-49B6-B2A7-B515152263D0}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\Launcher.exe => No File
FirewallRules: [{2D136B19-A58F-424B-9D64-388F4EBD68D6}] => (Allow) D:\Games\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe => No File
FirewallRules: [{E4AB496E-C75F-4B7E-8948-F5C697CB8EA4}] => (Allow) D:\Games\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe => No File
FirewallRules: [{5B971883-38B5-43B2-AFA6-D69138582C71}] => (Allow) D:\Games\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe => No File
FirewallRules: [{ADB19C70-BA1D-42C6-BB08-F4A45F7D5B7C}] => (Allow) D:\Games\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe => No File
FirewallRules: [{7D131751-0788-4275-BE41-017F7D75A934}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{2FF3AA51-5434-40B0-9462-F52D32D57134}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{50EAC000-C7CA-42F8-AA73-07B7DB386A37}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [{EF209682-E7F4-4498-A5BC-4FAD21A8C2C9}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [{8471EA32-2F49-437D-A3C5-B7C8D071C47C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{C71C6939-9A1A-47B1-888B-7A164D0872C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{4282067A-75B9-4116-8A58-323BC781A9DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{26693034-9C75-409F-B887-EA4268C182D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{51125E27-0965-4F3B-A7AB-12A23C617BC3}] => (Allow) D:\Games\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe => No File
FirewallRules: [{77AF504C-74FF-4E0C-BAD7-61F3B43BB54A}] => (Allow) D:\Games\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe => No File
FirewallRules: [{F5ACA3B7-825E-40CA-B379-02AE58AA6F87}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{A1B12DB2-F66A-4A93-BF00-66AA1A169E05}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{D4BB83C5-55AA-4A41-AD78-D557253225B1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{1DD99989-F2A0-45C5-9474-EEB93D82DE67}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{4067C7D0-9F10-4919-A62A-A44E76744ACF}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{14D87C5D-09B8-4EE1-BB48-10DA72F6617C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{6A7FBA19-84BD-4D49-94BD-BE6F16B4A7AF}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{D43AEFCA-2C16-4C7D-8520-351EAC74D159}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{7BA56C40-7504-494C-BAFE-8304FEC9C276}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{C40009F7-F487-4392-A8DD-E57F5BEF472F}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{09A879E7-C7C5-41F8-9F55-6B43ABD97B36}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{D1006281-25D9-4524-AD66-E351B1F21EBA}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{D086097B-FF10-43F5-8D37-05E83EB5F81A}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{452F6293-2F06-4CC5-BCCE-C2C092B79BBE}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{48EE311B-FD2C-4DD8-B1C9-45B321777E1D}] => (Allow) D:\Games\Watch_Dogs\bin\watch_dogs.exe => No File
FirewallRules: [{EFD4BF96-E4D1-4E2D-B5EC-6CAD434F9A19}] => (Allow) D:\Games\Watch_Dogs\bin\watch_dogs.exe => No File
FirewallRules: [{4DB8E343-20B7-4F68-ABCF-B8B1844B30C4}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe => No File
FirewallRules: [{D6FC876D-3A58-455D-99E4-FAE78CE82DAE}] => (Allow) C:\Windows\AutoKMS\AutoKMS.exe => No File
FirewallRules: [{74381A4C-11A6-43EC-BB6F-F102B2EA3C2C}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\Soma.exe => No File
FirewallRules: [{1FF6AEF2-D9D5-420E-A835-BBDD6C4C53EE}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\Soma.exe => No File
FirewallRules: [{81570E2C-C23D-4CA1-A0C9-BE21128A620B}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\ModLauncher.exe => No File
FirewallRules: [{6422CCC3-EAE5-4B2A-8FC0-A485CA49AEB9}] => (Allow) D:\Games\Steam\steamapps\common\SOMA\ModLauncher.exe => No File
FirewallRules: [{A8919AB8-74C3-41EF-982E-97D0F8047C2B}] => (Allow) D:\Games\Steam\steamapps\common\Black Mesa\bms.exe => No File
FirewallRules: [{E625B7A8-DFC2-4E20-9AF9-BEA54DD41E94}] => (Allow) D:\Games\Steam\steamapps\common\Black Mesa\bms.exe => No File
FirewallRules: [{277784C8-3B1F-40B9-8504-6C58A989A148}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F85965B8-79CA-499F-9CCF-446A95476C3D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3CD3387B-9842-4DB7-8C57-497BB0B121AD}] => (Allow) C:\Users\Etiainen\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{831FB275-6477-451C-8658-AC353CD27A8C}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{24CD0D7D-E1BE-432F-99FA-07E625A55AA1}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5777CC80-D97C-4973-B2D7-E2EE9EC8AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5777CC80-D97C-4973-B2D7-E2EE9EC8AFE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
C:\Users\Etiainen\AppData\Roaming\Mozilla\Firefox\Profiles\ivievfe7.default => path removed successfully
C:\Users\Etiainen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData\TEMP => ":CD30FA91" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{223D2F13-0209-4F4E-8550-26D2E541D71B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FA18F28-8181-4670-B0FA-B875862C9538}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D665CFE4-AAAF-4C72-A675-5E2C29140347}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9CA057A3-539A-4E6B-B6A7-53AD7D331609}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CF8BADD-D5FD-48DC-B679-88C18682C0EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28B12CCA-1B6D-49B6-B2A7-B515152263D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D136B19-A58F-424B-9D64-388F4EBD68D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4AB496E-C75F-4B7E-8948-F5C697CB8EA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B971883-38B5-43B2-AFA6-D69138582C71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADB19C70-BA1D-42C6-BB08-F4A45F7D5B7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D131751-0788-4275-BE41-017F7D75A934}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FF3AA51-5434-40B0-9462-F52D32D57134}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50EAC000-C7CA-42F8-AA73-07B7DB386A37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF209682-E7F4-4498-A5BC-4FAD21A8C2C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8471EA32-2F49-437D-A3C5-B7C8D071C47C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C71C6939-9A1A-47B1-888B-7A164D0872C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4282067A-75B9-4116-8A58-323BC781A9DF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26693034-9C75-409F-B887-EA4268C182D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51125E27-0965-4F3B-A7AB-12A23C617BC3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77AF504C-74FF-4E0C-BAD7-61F3B43BB54A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5ACA3B7-825E-40CA-B379-02AE58AA6F87}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1B12DB2-F66A-4A93-BF00-66AA1A169E05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4BB83C5-55AA-4A41-AD78-D557253225B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DD99989-F2A0-45C5-9474-EEB93D82DE67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4067C7D0-9F10-4919-A62A-A44E76744ACF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14D87C5D-09B8-4EE1-BB48-10DA72F6617C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A7FBA19-84BD-4D49-94BD-BE6F16B4A7AF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D43AEFCA-2C16-4C7D-8520-351EAC74D159}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BA56C40-7504-494C-BAFE-8304FEC9C276}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C40009F7-F487-4392-A8DD-E57F5BEF472F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09A879E7-C7C5-41F8-9F55-6B43ABD97B36}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1006281-25D9-4524-AD66-E351B1F21EBA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D086097B-FF10-43F5-8D37-05E83EB5F81A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{452F6293-2F06-4CC5-BCCE-C2C092B79BBE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{48EE311B-FD2C-4DD8-B1C9-45B321777E1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFD4BF96-E4D1-4E2D-B5EC-6CAD434F9A19}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB8E343-20B7-4F68-ABCF-B8B1844B30C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6FC876D-3A58-455D-99E4-FAE78CE82DAE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74381A4C-11A6-43EC-BB6F-F102B2EA3C2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1FF6AEF2-D9D5-420E-A835-BBDD6C4C53EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81570E2C-C23D-4CA1-A0C9-BE21128A620B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6422CCC3-EAE5-4B2A-8FC0-A485CA49AEB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8919AB8-74C3-41EF-982E-97D0F8047C2B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E625B7A8-DFC2-4E20-9AF9-BEA54DD41E94}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{277784C8-3B1F-40B9-8504-6C58A989A148}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F85965B8-79CA-499F-9CCF-446A95476C3D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CD3387B-9842-4DB7-8C57-497BB0B121AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{831FB275-6477-451C-8658-AC353CD27A8C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24CD0D7D-E1BE-432F-99FA-07E625A55AA1}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 14704640 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 307189924 B
Java, Flash, Steam htmlcache => 969756867 B
Windows/system/drivers => 904762 B
Edge => 47706685 B
Chrome => 509891417 B
Firefox => 1194037045 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 103516 B
NetworkService => 104710 B
Etiainen => 441798234 B

RecycleBin => 76551022 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:16:53 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Proxy skript 127.0.0.1:86

#8 Příspěvek od Rudy »

Sionn89 píše:Zatim jediny negativni impact vidim nutnost znovuvytvorit firefox profil...
Divné, ADW profil normálně nemaže a ani jsem mu nedal žádný takový příkaz. Bylo smazáno, nemáte zač. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Sionn89
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 05 kvě 2021 19:35

Re: Proxy skript 127.0.0.1:86

#9 Příspěvek od Sionn89 »

Rudy píše: 07 kvě 2021 19:04
Sionn89 píše:Zatim jediny negativni impact vidim nutnost znovuvytvorit firefox profil...
Divné, ADW profil normálně nemaže a ani jsem mu nedal žádný takový příkaz. Bylo smazáno, nemáte zač. :)
Asi nejaky mini-firefoxfart, profil tam realne fyzicky je, akurat necitelny... ale to jsem za chvilku spravil :)

Ted jenom doufat, ze se tohoto svinstva chyti postupne antiviraky. Nasel jsem i instalacku v TEMPu, ta ma na virustotalu zatim 3/69 :D

Jeste jednou dik, Rudy :) Posilam i donate, forum jsem vyuzil vicekrat a vicekrat jste mi uz pomohli :) (pod inym nickem a nepamatuju heslo k starymu mailu :D)

Krasny vecer prajem! :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Proxy skript 127.0.0.1:86

#10 Příspěvek od Rudy »

OK a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno