Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Někdo je v mém PC

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
not_ketchupp
5. stupeň - BAN
Příspěvky: 38
Registrován: 05 dub 2021 18:31

Re: Někdo je v mém PC

#46 Příspěvek od not_ketchupp »

Teď mám zkopírovat ten váš text, který jste mi posílal. Ale nevím kam ho mám dát. Mám vymazat ten text v textovém souboru fixlist???

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Někdo je v mém PC

#47 Příspěvek od Rudy »

Mám dojem, že si buď ze mne děláte srandu, anebo si pozorně nepřečtete instrukce, které vám posílám. Tak tedy a naposledy:

1. Otevřete poznámkový blok (myslím nový, čistý)
2. Text, který jsem poslal zkopírujete do toho otevřeného poznámkového bloku
3. Uložíte do stejného adresáře, kde máte uloženu aplikaci FRST jako fixlist.txt
4. Fixlist zavřete
5. Znovu spustíte aplikaci FRST a klinete na >Fix<. Proběhne mazání a budete požádán o restart
6. Provedete restart, po kterém se otevře fislog.txt (pokud by se neotevřel sám, najdete ho ve stejném adresáři
7. Text z fixlog.txt zkopírujete sem do fóra

Lépe a jednodušeji to už opravdu neumím vysvětlit.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

not_ketchupp
5. stupeň - BAN
Příspěvky: 38
Registrován: 05 dub 2021 18:31

Re: Někdo je v mém PC

#48 Příspěvek od not_ketchupp »

Ale já nevím jak se bude jmenovat (ten soubor). fixlist.txt??? fixlog.txt???

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15191
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Někdo je v mém PC

#49 Příspěvek od JaRon »

3. Uložíte do stejného adresáře, kde máte uloženu aplikaci FRST jako fixlist.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Někdo je v mém PC

#50 Příspěvek od Rudy »

Je vidět, že nečtete instrukce:
Rudy píše:Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
:!:
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

not_ketchupp
5. stupeň - BAN
Příspěvky: 38
Registrován: 05 dub 2021 18:31

Re: Někdo je v mém PC

#51 Příspěvek od not_ketchupp »

Toto by mělo být ono

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-20\...\Policies\system: []
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {0a8c0ab8-f8d2-11e9-bb97-90b11c8dc496} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {37fb3f5a-5b62-11ea-bbb0-001a7dda7111} - "F:\setup.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {393bbffe-687f-11eb-bd62-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {cc47666b-0d5d-11eb-bccb-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {da0f45c8-aaf8-11ea-bc54-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-18\...\Policies\system: []
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\WINDOWS\SysWOW64\unp156707654.tmp
C:\Users\Milospc\AppData\Roaming\UgwIPUUWRxfZSNm
C:\Users\Milospc\AppData\Roaming\Kasuoreo
C:\Users\Milospc\AppData\Roaming\dxpiaLbEQTovDGYYL
C:\Users\Milospc\AppData\Roaming\Onagf
C:\Users\Milospc\AppData\Roaming\OIsXCbJHBYPenw
C:\Users\Milospc\Downloads\Outbyte-PC-Repair-11662247-Crack---License-Key-Free-Download-2021_f814605c5d678f16fc637c.zip
C:\Users\Milospc\Downloads\Streamlabs+OBS+Setup+0.27.1-mgNosYaFcbcxpZz.exe
CustomCLSID: HKU\S-1-5-21-1212909314-1353993095-2117482179-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Milospc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
AlternateDataStreams: C:\Users\Milospc:Heroes & Generals [0]
AlternateDataStreams: C:\Users\Milospc\AppData\Local\Temp:$DATA​ [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [TCP Query User{358A8AE0-28E7-412A-90EF-4E175E4ACA86}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{7E36775F-A79B-42EC-A808-9EC9DCDE001B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{9F2E6941-E215-4820-B609-8D060C0D95B3}] => (Allow) C:\Users\zimul\AppData\Local\Programs\Opera\68.0.3618.104\opera.exe => No File
FirewallRules: [{60254BAD-1547-45C8-BF58-19862F7E2003}] => (Allow) C:\Users\zimul\AppData\Local\Programs\Opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{83CCC72F-05C7-44B0-8061-62263894C280}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe => No File
FirewallRules: [{5882A00B-22F9-42F6-9099-E508983DC7EB}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe => No File
FirewallRules: [TCP Query User{69BB3FBB-73C1-47EE-BAD4-C84646D5AEDA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C9BDB66D-8B73-4D45-859C-C152F016FF2C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{96365D89-101B-4944-9275-53BA1B85AE27}C:\users\milospc\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Allow) C:\users\milospc\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [UDP Query User{75684D88-4104-42CA-95CE-D75F8951B9D1}C:\users\milospc\appdata\local\programs\opera\70.0.3728.119\opera.exe] => (Allow) C:\users\milospc\appdata\local\programs\opera\70.0.3728.119\opera.exe => No File
FirewallRules: [TCP Query User{AED3B6CD-93C6-49FD-9DE9-13F44F4C8D6A}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E9608693-A0D2-4207-B6D7-BBD15D240B27}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [TCP Query User{0A99E0AA-1711-4546-849F-33F0B5080696}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2BF27D67-4FD8-47F5-80D1-D6110B3B943F}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [TCP Query User{25A62816-B8B7-464E-BE3A-DB05216D4636}C:\users\milospc\downloads\skate-3.exe] => (Allow) C:\users\milospc\downloads\skate-3.exe => No File
FirewallRules: [UDP Query User{772A50AB-0A51-49F8-ABD6-C1507CF18A53}C:\users\milospc\downloads\skate-3.exe] => (Allow) C:\users\milospc\downloads\skate-3.exe => No File
FirewallRules: [TCP Query User{BC075250-1BDD-4881-905D-2731537F3F3D}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe => No File
FirewallRules: [UDP Query User{FB3E2067-E892-4FBE-B52C-942AD55EC62C}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe => No File
FirewallRules: [TCP Query User{5DC1C3DE-0EB4-41C6-8F86-4095A125B60C}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6730C93A-E8BF-4D62-9836-2E2DA48DAEC4}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{53214230-514D-4BE7-86F9-10E7FF9EE0E5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{3FCD3698-EF99-4A33-8A62-16AABE5B9978}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{03CC29EA-9CE9-44BF-913A-449D60408935}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{C4CF68F7-B141-427E-A405-B869C450CD32}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{7A6B5208-CB8C-4B41-A776-839FB5728524}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{C197BE58-29D9-460F-9E7D-C5A3B7084327}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{3EC29D88-4A2F-4815-9C4E-C5B03F9D5D3B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{E00A498B-586E-467E-A7F2-8B50E49CCA70}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{447E624C-84BE-441A-BF3D-53AC60250AA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{97F40FB6-0DDA-4960-84AD-C36B03B4D84F}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{3C974D6E-BA2E-4BB7-B00B-8819B3984C8A}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{C6C56EF7-4519-46FD-80A7-5973667C6B60}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{46B484B1-77A6-476E-B4FA-B6AE5953B516}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{26B717F4-F988-4E6F-B98D-D47DF2C6A632}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{73C27503-ABD0-4612-8AF6-5F3DDE5AE8F7}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{496EB067-1019-493E-8A19-AD98A392F96A}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{837F76C2-FB1F-4805-BDFA-A9E5E310DC05}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{AEF522F5-3763-425D-B7E6-D31C4AA85AD3}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{132F0FF0-457F-49EB-A8B7-35E530EB0E9A}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{257A571E-10E9-46A1-AFCB-CC6E4072DB30}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{4446389C-7B2E-4CB4-9551-2BC6B2B3A1E1}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{02273402-D4F3-4CCD-804D-02137FCEF0D2}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{FDD2AB8F-5216-4246-A646-FBC2FF161B9E}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{87FCD6AE-7389-4105-B4F8-C08D7ACB06C2}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{C48A9B3A-2086-42BE-B939-FDAED0BAB28C}C:\users\milospc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\milospc\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{E6A4DE44-8012-4AA5-9A42-0188F39F8D04}C:\users\milospc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\milospc\appdata\local\fivem\fivem.exe => No File
FirewallRules: [{D2B1C3EA-23D8-4D2B-8214-48D555A37554}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{AD718F50-9BEE-4AAE-86B1-8C5BB04CEF5E}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{4F6E51A6-B9EC-4ECE-84BD-A2C338145992}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{50531C96-5632-40F3-99CD-57258FB896A2}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [TCP Query User{A01224B8-0BB5-485F-B82E-80951A77C915}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe => No File
FirewallRules: [UDP Query User{9EA8B534-9CE4-4C9C-916E-7B4EE5ECBAAD}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe => No File
FirewallRules: [TCP Query User{4D70940C-3160-43BD-8E88-4E16A5A450D8}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{7492C51B-84D9-439B-87BE-D86EF2593F8B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [{C4044891-0EBD-478D-B539-AF6A4B9B1F02}] => (Allow) C:\Users\Milospc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8CCFB84D-F0D6-4CAC-B388-D10230CFC185}] => (Allow) C:\Users\Milospc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{820B1EE6-A03E-419D-9068-51D2CE9EBA9A}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{68828B5A-2991-4683-94FA-93C454CB1864}] => (Allow) D:\Hry\2019.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{6B55C12F-EFC7-436A-BC5F-285F9F7059EF}] => (Block) D:\Hry\2019.4.17f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{5AD036C7-BBDF-431C-903D-6790BC71C6A2}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2A7DFB4A-911D-444C-B9CF-8917CF10863A}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{ACA880B9-563E-4E1A-8244-AA3F7877C6E6}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{91443409-7158-440D-92AF-9543116CF36C}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{631757B0-E0AB-4755-A38D-08DF5AE18E32}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{D1334954-EE6D-403B-A265-F928DD74B3BE}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{E1954805-B9E7-4802-8BDC-018B3F0491C4}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{3257BC98-8A14-4FA6-86D4-A7AEB9C29A82}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{0CD2FE39-DC74-4B6A-87E0-24A77320025D}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{1DC37837-6EAE-448B-B3A1-2FE92EEEE3FE}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{40411A8E-D43F-46DC-80E2-B8CEE8E8F29F}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{BA604527-F345-4CDC-9AF0-295D870084A7}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{2E19A69E-7B3D-48FC-AB6D-2E1D07707F11}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{70CF0488-1AFA-4D27-BC1C-F9B5802C6DA7}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{6C0637D5-1363-4EDF-936B-DE7B2806EFC5}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{B4E40423-F0BD-47FE-8586-599FF0974766}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{E93FFC9F-EE0A-40BE-9282-6988F1DD2A97}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{6A56C4B8-3285-48A9-BCA7-AC6143AD799A}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{4172AA0E-03DC-459E-857F-978BA8F2A2C5}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{3C9AF9D4-1AC1-4C78-B616-C6D09C865C8D}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{73515F63-3676-4396-A7BA-4D32EFD6AEDA}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{F7E2A10C-EACE-42B7-ACD3-1639D49E0C2B}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [TCP Query User{33594C29-E494-4D8E-ACD1-3E727712BBB7}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files (x86)\cobian backup 11\cbremotemanager.exe => No File
FirewallRules: [UDP Query User{63A03A73-0FD4-48FC-AE3A-6277AD0F2381}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files (x86)\cobian backup 11\cbremotemanager.exe => No File

EmptyTemp:
End

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Někdo je v mém PC

#52 Příspěvek od Rudy »

Nemám slov. To je fixlist. Potřebuji vidět fixlog a ten vypadá např. takto: https://forum.viry.cz/viewtopic.php?p=1541010#p1541010 . Doporučuji vám znovu, aby si za váš PC sedl po dobu čištění někdo, kdo pochopí mé velmi jednoduché instrukce. Vy to nezvládáte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

not_ketchupp
5. stupeň - BAN
Příspěvky: 38
Registrován: 05 dub 2021 18:31

Re: Někdo je v mém PC

#53 Příspěvek od not_ketchupp »

Tady je fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by Milospc (10-04-2021 10:38:45) Run:1
Running from C:\Users\Milospc\Desktop\logs
Loaded Profiles: defaultuser0 & Milospc & zimul & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-20\...\Policies\system: []
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\Policies\system: []
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {0a8c0ab8-f8d2-11e9-bb97-90b11c8dc496} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {37fb3f5a-5b62-11ea-bbb0-001a7dda7111} - "F:\setup.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {393bbffe-687f-11eb-bd62-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {cc47666b-0d5d-11eb-bccb-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\MountPoints2: {da0f45c8-aaf8-11ea-bc54-90b11c8dc496} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-19\...\Policies\system: []
HKU\S-1-5-18\...\Policies\system: []
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
C:\Users\Milospc\AppData\Roaming\UgwIPUUWRxfZSNm
C:\Users\Milospc\AppData\Roaming\Kasuoreo
C:\Users\Milospc\AppData\Roaming\dxpiaLbEQTovDGYYL
C:\Users\Milospc\AppData\Roaming\Onagf
C:\Users\Milospc\AppData\Roaming\OIsXCbJHBYPenw
CustomCLSID: HKU\S-1-5-21-1212909314-1353993095-2117482179-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Milospc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Milospc\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
AlternateDataStreams: C:\Users\Milospc:Heroes & Generals [0]
AlternateDataStreams: C:\Users\Milospc\AppData\Local\Temp:$DATA​ [0]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [TCP Query User{358A8AE0-28E7-412A-90EF-4E175E4ACA86}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{7E36775F-A79B-42EC-A808-9EC9DCDE001B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{A6E411D0-6081-4944-92F0-27219938A279}] => (Allow) C:\Program Files\Epic Games\AssassinsCreedSyndicate\ACS.exe => No File
FirewallRules: [{9F2E6941-E215-4820-B609-8D060C0D95B3}] => (Allow) C:\Users\zimul\AppData\Local\Programs\Opera\68.0.3618.104\opera.exe => No File
FirewallRules: [{60254BAD-1547-45C8-BF58-19862F7E2003}] => (Allow) C:\Users\zimul\AppData\Local\Programs\Opera\68.0.3618.125\opera.exe => No File
FirewallRules: [{83CCC72F-05C7-44B0-8061-62263894C280}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe => No File
FirewallRules: [{5882A00B-22F9-42F6-9099-E508983DC7EB}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe => No File
FirewallRules: [TCP Query User{69BB3FBB-73C1-47EE-BAD4-C84646D5AEDA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C9BDB66D-8B73-4D45-859C-C152F016FF2C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{AED3B6CD-93C6-49FD-9DE9-13F44F4C8D6A}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E9608693-A0D2-4207-B6D7-BBD15D240B27}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [TCP Query User{0A99E0AA-1711-4546-849F-33F0B5080696}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2BF27D67-4FD8-47F5-80D1-D6110B3B943F}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe => No File
FirewallRules: [TCP Query User{25A62816-B8B7-464E-BE3A-DB05216D4636}C:\users\milospc\downloads\skate-3.exe] => (Allow) C:\users\milospc\downloads\skate-3.exe => No File
FirewallRules: [UDP Query User{772A50AB-0A51-49F8-ABD6-C1507CF18A53}C:\users\milospc\downloads\skate-3.exe] => (Allow) C:\users\milospc\downloads\skate-3.exe => No File
FirewallRules: [TCP Query User{89C79B61-BCD3-4FD0-BA96-FA6CCDA96752}C:\users\milospc\downloads\anydesk.exe] => (Allow) C:\users\milospc\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{495345E8-77D3-41BE-B53E-41A7813AD51B}C:\users\milospc\downloads\anydesk.exe] => (Allow) C:\users\milospc\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{BC075250-1BDD-4881-905D-2731537F3F3D}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe => No File
FirewallRules: [UDP Query User{FB3E2067-E892-4FBE-B52C-942AD55EC62C}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe => No File
FirewallRules: [TCP Query User{5DC1C3DE-0EB4-41C6-8F86-4095A125B60C}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6730C93A-E8BF-4D62-9836-2E2DA48DAEC4}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{53214230-514D-4BE7-86F9-10E7FF9EE0E5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{3FCD3698-EF99-4A33-8A62-16AABE5B9978}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{03CC29EA-9CE9-44BF-913A-449D60408935}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{C4CF68F7-B141-427E-A405-B869C450CD32}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{7A6B5208-CB8C-4B41-A776-839FB5728524}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{C197BE58-29D9-460F-9E7D-C5A3B7084327}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{3EC29D88-4A2F-4815-9C4E-C5B03F9D5D3B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{E00A498B-586E-467E-A7F2-8B50E49CCA70}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{447E624C-84BE-441A-BF3D-53AC60250AA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{97F40FB6-0DDA-4960-84AD-C36B03B4D84F}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{3C974D6E-BA2E-4BB7-B00B-8819B3984C8A}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{C6C56EF7-4519-46FD-80A7-5973667C6B60}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{46B484B1-77A6-476E-B4FA-B6AE5953B516}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{26B717F4-F988-4E6F-B98D-D47DF2C6A632}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{73C27503-ABD0-4612-8AF6-5F3DDE5AE8F7}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{496EB067-1019-493E-8A19-AD98A392F96A}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{837F76C2-FB1F-4805-BDFA-A9E5E310DC05}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{AEF522F5-3763-425D-B7E6-D31C4AA85AD3}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{132F0FF0-457F-49EB-A8B7-35E530EB0E9A}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{257A571E-10E9-46A1-AFCB-CC6E4072DB30}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{4446389C-7B2E-4CB4-9551-2BC6B2B3A1E1}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{02273402-D4F3-4CCD-804D-02137FCEF0D2}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{FDD2AB8F-5216-4246-A646-FBC2FF161B9E}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [UDP Query User{87FCD6AE-7389-4105-B4F8-C08D7ACB06C2}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe => No File
FirewallRules: [TCP Query User{C48A9B3A-2086-42BE-B939-FDAED0BAB28C}C:\users\milospc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\milospc\appdata\local\fivem\fivem.exe => No File
FirewallRules: [UDP Query User{E6A4DE44-8012-4AA5-9A42-0188F39F8D04}C:\users\milospc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\milospc\appdata\local\fivem\fivem.exe => No File
FirewallRules: [{D2B1C3EA-23D8-4D2B-8214-48D555A37554}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{AD718F50-9BEE-4AAE-86B1-8C5BB04CEF5E}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{4F6E51A6-B9EC-4ECE-84BD-A2C338145992}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [{50531C96-5632-40F3-99CD-57258FB896A2}] => (Block) C:\Games\Forza Horizon 4\FH4\Microsoft.SunriseBaseGame_1.332.904.2_x64__8wekyb3d8bbwe.exe => No File
FirewallRules: [TCP Query User{A01224B8-0BB5-485F-B82E-80951A77C915}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe => No File
FirewallRules: [UDP Query User{9EA8B534-9CE4-4C9C-916E-7B4EE5ECBAAD}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe] => (Allow) C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe => No File
FirewallRules: [TCP Query User{4D70940C-3160-43BD-8E88-4E16A5A450D8}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [UDP Query User{7492C51B-84D9-439B-87BE-D86EF2593F8B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe => No File
FirewallRules: [{C4044891-0EBD-478D-B539-AF6A4B9B1F02}] => (Allow) C:\Users\Milospc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8CCFB84D-F0D6-4CAC-B388-D10230CFC185}] => (Allow) C:\Users\Milospc\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{820B1EE6-A03E-419D-9068-51D2CE9EBA9A}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{68828B5A-2991-4683-94FA-93C454CB1864}] => (Allow) D:\Hry\2019.4.17f1\Editor\Unity.exe => No File
FirewallRules: [{6B55C12F-EFC7-436A-BC5F-285F9F7059EF}] => (Block) D:\Hry\2019.4.17f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{5AD036C7-BBDF-431C-903D-6790BC71C6A2}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2A7DFB4A-911D-444C-B9CF-8917CF10863A}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe => No File
FirewallRules: [{ACA880B9-563E-4E1A-8244-AA3F7877C6E6}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{91443409-7158-440D-92AF-9543116CF36C}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{631757B0-E0AB-4755-A38D-08DF5AE18E32}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{D1334954-EE6D-403B-A265-F928DD74B3BE}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{E1954805-B9E7-4802-8BDC-018B3F0491C4}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{3257BC98-8A14-4FA6-86D4-A7AEB9C29A82}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{0CD2FE39-DC74-4B6A-87E0-24A77320025D}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{1DC37837-6EAE-448B-B3A1-2FE92EEEE3FE}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{40411A8E-D43F-46DC-80E2-B8CEE8E8F29F}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{BA604527-F345-4CDC-9AF0-295D870084A7}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{2E19A69E-7B3D-48FC-AB6D-2E1D07707F11}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{70CF0488-1AFA-4D27-BC1C-F9B5802C6DA7}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{6C0637D5-1363-4EDF-936B-DE7B2806EFC5}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{B4E40423-F0BD-47FE-8586-599FF0974766}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{E93FFC9F-EE0A-40BE-9282-6988F1DD2A97}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{6A56C4B8-3285-48A9-BCA7-AC6143AD799A}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{4172AA0E-03DC-459E-857F-978BA8F2A2C5}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{3C9AF9D4-1AC1-4C78-B616-C6D09C865C8D}] => (Allow) C:\WINDOWS\TEMP\nfyc577A.tmp\svchost.exe => No File
FirewallRules: [{73515F63-3676-4396-A7BA-4D32EFD6AEDA}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [{F7E2A10C-EACE-42B7-ACD3-1639D49E0C2B}] => (Allow) C:\WINDOWS\TEMP\flt354IS.tmp\lsass.exe => No File
FirewallRules: [TCP Query User{33594C29-E494-4D8E-ACD1-3E727712BBB7}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files (x86)\cobian backup 11\cbremotemanager.exe => No File
FirewallRules: [UDP Query User{63A03A73-0FD4-48FC-AE3A-6277AD0F2381}C:\program files (x86)\cobian backup 11\cbremotemanager.exe] => (Block) C:\program files (x86)\cobian backup 11\cbremotemanager.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-20\...\Policies\system: []" => not found
"HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\...\Policies\system: []" => not found
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a8c0ab8-f8d2-11e9-bb97-90b11c8dc496} => removed successfully
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37fb3f5a-5b62-11ea-bbb0-001a7dda7111} => removed successfully
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{393bbffe-687f-11eb-bd62-90b11c8dc496} => removed successfully
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc47666b-0d5d-11eb-bccb-90b11c8dc496} => removed successfully
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da0f45c8-aaf8-11ea-bc54-90b11c8dc496} => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-19\...\Policies\system: []" => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\HKU\S-1-5-18\...\Policies\system: []" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
C:\Users\Milospc\AppData\Roaming\UgwIPUUWRxfZSNm => moved successfully
C:\Users\Milospc\AppData\Roaming\Kasuoreo => moved successfully
C:\Users\Milospc\AppData\Roaming\dxpiaLbEQTovDGYYL => moved successfully
C:\Users\Milospc\AppData\Roaming\Onagf => moved successfully
C:\Users\Milospc\AppData\Roaming\OIsXCbJHBYPenw => moved successfully
HKU\S-1-5-21-1212909314-1353993095-2117482179-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
C:\Users\Milospc => ":Heroes & Generals" ADS removed successfully
C:\Users\Milospc\AppData\Local\Temp => ":$DATA​" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{358A8AE0-28E7-412A-90EF-4E175E4ACA86}C:\programdata\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E36775F-A79B-42EC-A808-9EC9DCDE001B}C:\programdata\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6E411D0-6081-4944-92F0-27219938A279}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F2E6941-E215-4820-B609-8D060C0D95B3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60254BAD-1547-45C8-BF58-19862F7E2003}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83CCC72F-05C7-44B0-8061-62263894C280}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5882A00B-22F9-42F6-9099-E508983DC7EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{69BB3FBB-73C1-47EE-BAD4-C84646D5AEDA}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C9BDB66D-8B73-4D45-859C-C152F016FF2C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AED3B6CD-93C6-49FD-9DE9-13F44F4C8D6A}C:\program files\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9608693-A0D2-4207-B6D7-BBD15D240B27}C:\program files\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A99E0AA-1711-4546-849F-33F0B5080696}C:\program files\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2BF27D67-4FD8-47F5-80D1-D6110B3B943F}C:\program files\java\jre1.8.0_51\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{25A62816-B8B7-464E-BE3A-DB05216D4636}C:\users\milospc\downloads\skate-3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{772A50AB-0A51-49F8-ABD6-C1507CF18A53}C:\users\milospc\downloads\skate-3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{89C79B61-BCD3-4FD0-BA96-FA6CCDA96752}C:\users\milospc\downloads\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{495345E8-77D3-41BE-B53E-41A7813AD51B}C:\users\milospc\downloads\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BC075250-1BDD-4881-905D-2731537F3F3D}C:\program files\ldplayerbox\ldvboxheadless.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB3E2067-E892-4FBE-B52C-942AD55EC62C}C:\program files\ldplayerbox\ldvboxheadless.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5DC1C3DE-0EB4-41C6-8F86-4095A125B60C}C:\program files\java\jre1.8.0_271\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6730C93A-E8BF-4D62-9836-2E2DA48DAEC4}C:\program files\java\jre1.8.0_271\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53214230-514D-4BE7-86F9-10E7FF9EE0E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3FCD3698-EF99-4A33-8A62-16AABE5B9978}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{03CC29EA-9CE9-44BF-913A-449D60408935}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4CF68F7-B141-427E-A405-B869C450CD32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A6B5208-CB8C-4B41-A776-839FB5728524}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C197BE58-29D9-460F-9E7D-C5A3B7084327}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3EC29D88-4A2F-4815-9C4E-C5B03F9D5D3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E00A498B-586E-467E-A7F2-8B50E49CCA70}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{447E624C-84BE-441A-BF3D-53AC60250AA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{97F40FB6-0DDA-4960-84AD-C36B03B4D84F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3C974D6E-BA2E-4BB7-B00B-8819B3984C8A}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C6C56EF7-4519-46FD-80A7-5973667C6B60}C:\users\milospc\appdata\local\temp\rar$exa20908.17982\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46B484B1-77A6-476E-B4FA-B6AE5953B516}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{26B717F4-F988-4E6F-B98D-D47DF2C6A632}C:\users\milospc\appdata\local\temp\rar$exa18740.39690\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73C27503-ABD0-4612-8AF6-5F3DDE5AE8F7}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{496EB067-1019-493E-8A19-AD98A392F96A}C:\users\milospc\appdata\local\temp\rar$exa20712.25099\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{837F76C2-FB1F-4805-BDFA-A9E5E310DC05}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AEF522F5-3763-425D-B7E6-D31C4AA85AD3}C:\users\milospc\appdata\local\temp\rar$exa25488.42358\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{132F0FF0-457F-49EB-A8B7-35E530EB0E9A}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{257A571E-10E9-46A1-AFCB-CC6E4072DB30}C:\users\milospc\appdata\local\temp\rar$exa25488.2409\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4446389C-7B2E-4CB4-9551-2BC6B2B3A1E1}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{02273402-D4F3-4CCD-804D-02137FCEF0D2}C:\users\milospc\appdata\local\temp\rar$exa16884.37665\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FDD2AB8F-5216-4246-A646-FBC2FF161B9E}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{87FCD6AE-7389-4105-B4F8-C08D7ACB06C2}C:\users\milospc\appdata\local\temp\rar$exa584.35676\among.us.v2020.9.9s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C48A9B3A-2086-42BE-B939-FDAED0BAB28C}C:\users\milospc\appdata\local\fivem\fivem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6A4DE44-8012-4AA5-9A42-0188F39F8D04}C:\users\milospc\appdata\local\fivem\fivem.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2B1C3EA-23D8-4D2B-8214-48D555A37554}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD718F50-9BEE-4AAE-86B1-8C5BB04CEF5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F6E51A6-B9EC-4ECE-84BD-A2C338145992}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50531C96-5632-40F3-99CD-57258FB896A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A01224B8-0BB5-485F-B82E-80951A77C915}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9EA8B534-9CE4-4C9C-916E-7B4EE5ECBAAD}C:\users\milospc\appdata\local\temp\rar$exa4532.21716\among.us.v2020.11.17s\among.us.v2020.11.17s\among us.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4D70940C-3160-43BD-8E88-4E16A5A450D8}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7492C51B-84D9-439B-87BE-D86EF2593F8B}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4044891-0EBD-478D-B539-AF6A4B9B1F02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CCFB84D-F0D6-4CAC-B388-D10230CFC185}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{820B1EE6-A03E-419D-9068-51D2CE9EBA9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68828B5A-2991-4683-94FA-93C454CB1864}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B55C12F-EFC7-436A-BC5F-285F9F7059EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AD036C7-BBDF-431C-903D-6790BC71C6A2}C:\program files\java\jre1.8.0_271\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2A7DFB4A-911D-444C-B9CF-8917CF10863A}C:\program files\java\jre1.8.0_271\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACA880B9-563E-4E1A-8244-AA3F7877C6E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91443409-7158-440D-92AF-9543116CF36C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{631757B0-E0AB-4755-A38D-08DF5AE18E32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1334954-EE6D-403B-A265-F928DD74B3BE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1954805-B9E7-4802-8BDC-018B3F0491C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3257BC98-8A14-4FA6-86D4-A7AEB9C29A82}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CD2FE39-DC74-4B6A-87E0-24A77320025D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DC37837-6EAE-448B-B3A1-2FE92EEEE3FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40411A8E-D43F-46DC-80E2-B8CEE8E8F29F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA604527-F345-4CDC-9AF0-295D870084A7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E19A69E-7B3D-48FC-AB6D-2E1D07707F11}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70CF0488-1AFA-4D27-BC1C-F9B5802C6DA7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C0637D5-1363-4EDF-936B-DE7B2806EFC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4E40423-F0BD-47FE-8586-599FF0974766}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E93FFC9F-EE0A-40BE-9282-6988F1DD2A97}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A56C4B8-3285-48A9-BCA7-AC6143AD799A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4172AA0E-03DC-459E-857F-978BA8F2A2C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C9AF9D4-1AC1-4C78-B616-C6D09C865C8D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73515F63-3676-4396-A7BA-4D32EFD6AEDA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7E2A10C-EACE-42B7-ACD3-1639D49E0C2B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33594C29-E494-4D8E-ACD1-3E727712BBB7}C:\program files (x86)\cobian backup 11\cbremotemanager.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{63A03A73-0FD4-48FC-AE3A-6277AD0F2381}C:\program files (x86)\cobian backup 11\cbremotemanager.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96065152 B
Java, Flash, Steam htmlcache => 162576853 B
Windows/system/drivers => 102214541 B
Edge => 13021612 B
Chrome => 599900579 B
Firefox => 124912392 B
Opera => 255934 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 855389790 B
systemprofile32 => 855389790 B
LocalService => 855752314 B
NetworkService => 868930602 B
defaultuser0 => 868930602 B
Milospc => 1693646609 B
zimul => 1848581292 B
postgres => 1848581292 B

RecycleBin => 5308430098 B
EmptyTemp: => 15 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:40:08 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Někdo je v mém PC

#54 Příspěvek od Rudy »

No konečně jsme se dobrali k cíli! Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

not_ketchupp
5. stupeň - BAN
Příspěvky: 38
Registrován: 05 dub 2021 18:31

Re: Někdo je v mém PC

#55 Příspěvek od not_ketchupp »

takže v mém PC není?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118191
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Někdo je v mém PC

#56 Příspěvek od Rudy »

Sice nevím co, nebo kdo, ale nenašel jsem nic, co by tomu nasvědčovalo. Smazané položky jsou běžné zbytečnosti, které se v delší dobu nečištěném stroji usazují.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět