Please check my log, web pages keep popping up

Nicolas77
Visitor
Posts: 5
Registered: 16 Sep 2020 16:23

#1 Post by Nicolas77 »

Please check this. My son probably downloaded something onto the laptop, and web pages keep opening, and on some pages it is not possible to click on the menu, etc. I have already removed some things, but that is certainly not everything.
Thank you in advance.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Ran by inComputer (16-09-2020 17:15:22)
Running from C:\Users\inComputer\Downloads
Windows 10 Pro Version 2004 19041.508 (X64) (2020-07-04 09:14:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2005927889-2017481889-354987220-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2005927889-2017481889-354987220-503 - Limited - Disabled)
Guest (S-1-5-21-2005927889-2017481889-354987220-501 - Limited - Disabled)
inComputer (S-1-5-21-2005927889-2017481889-354987220-1001 - Administrator - Enabled) => C:\Users\inComputer
WDAGUtilityAccount (S-1-5-21-2005927889-2017481889-354987220-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 83.0.4529.99 - Autoři prohlížeče AVG Secure Browser)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Camtasia 9 (HKLM\...\{8AD50DED-EE14-4FEC-BC2C-F229C3BEFE58}) (Version: 9.0.3.1627 - TechSmith Corporation)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.11.10.2264 - Steinberg Media Technologies GmbH)
emPlayer 0.8.19.212 (HKLM-x32\...\{2A2BE4A15-5317-4526-92C9-9685E7AF5F5A}_is1) (Version: - emPlayer)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Free Screen Recorder v2.9 (HKLM-x32\...\Free Screen Recorder_is1) (Version: 2.9 - Nbxsoft Software Development)
GameMaker 8.1 (HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\GameMaker81) (Version: - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hi uninstall (HKLM-x32\...\Hiru) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{F46EF80D-07F0-4E56-B9B3-8EDB759B52D8}) (Version: 5.0.10.2850 - Intel Corporation)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Krita (x64) 4.2.8 (HKLM\...\Krita_x64) (Version: 4.2.8.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Solution Center (HKLM\...\{06913C0C-88EB-42AF-9D94-3E9136CEE9BC}) (Version: 3.6.002.003 - Lenovo)
LibreOffice 6.3.5.2 (HKLM\...\{9FEFBA80-8687-4AC1-83F7-3CD3E9BAF275}) (Version: 6.3.5.2 - The Document Foundation)
Main service (HKLM-x32\...\{00A87612-4B46-42E9-8F81-3A5BAC996C18}) (Version: - )
MEmu (HKLM-x32\...\MEmu) (Version: 7.1.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Minecraft Note Block Studio version 3.3.4 (HKLM-x32\...\{0E1D8C28-6DCF-452D-A0C4-E08A0E252FE8}_is1) (Version: 3.3.4 - Stuff by David)
Mozilla Firefox 80.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 80.0.1 (x64 cs)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pic version 10.2 (HKLM-x32\...\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1) (Version: 10.2 - Pics)
Pivot Animator version 4.2.7 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.2.7 - Motus Software Ltd)
PogoBunny (HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\PogoBunny) (Version: - )
Roblox Player for inComputer (HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for inComputer (HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\roblox-studio) (Version: - Roblox Corporation)
ScrSnap (HKLM-x32\...\ScrSnap) (Version: - ) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase LE AI Elements 10.5 (HKLM\...\{1904C5A5-33A9-4176-AD05-2F46E5C1C962}) (Version: 10.5.12 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.12 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.3.1 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.0.25 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Unity Hub 2.1.0 (HKLM\...\Unity Technologies - Hub) (Version: 2.1.0 - Unity Technologies Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.0.5.1 - Voicemod S.L.)
War Leaders - Clash of Nations (HKLM-x32\...\{A1B72584-0322-4D98-A247-9052370A1844}) (Version: 1.0 - )
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WO Mic Client (HKLM-x32\...\WOMic) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Packages:
=========
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17606.0_x64__wxjjre7dryqb6 [2020-06-12] (Axilesoft)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.3.0.0_x86__h6adky7gbf63m [2020-08-27] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.4.255.0_x64__rz1tebttyb220 [2020-08-31] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-02-15] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-08-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.21.1.0_x64__nfy108tqq3p12 [2020-08-27] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-09-19] (Plex)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-02-18] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2005927889-2017481889-354987220-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\inComputer\Desktop\Nová složka\Myinstants App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kkbdhocbbhmkmffdaomickppbnhhickc
ShortcutWithArgument: C:\Users\inComputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Myinstants App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kkbdhocbbhmkmffdaomickppbnhhickc

==================== Loaded Modules (Whitelisted) =============

2020-09-03 18:08 - 2020-09-03 18:09 - 096130560 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\libcef.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\libEGL.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\libGLESv2.dll
2020-07-03 13:33 - 2020-07-03 13:34 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-07-03 13:34 - 2020-07-03 13:34 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-07-03 13:34 - 2020-07-03 13:34 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-09-15 19:31 - 2020-09-15 19:31 - 003430912 ___RH () [File not signed] C:\ProgramData\023EBD17\02B36209.dll
2020-09-15 20:17 - 2020-09-15 20:17 - 000342528 _____ () [File not signed] C:\ProgramData\AppmallosayoV\OntoHatity.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000188928 _____ (Mercer Road Corp) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\ortp.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 004362752 _____ (Mercer Road Corp) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\vivoxsdk.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000760832 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\chrome_elf.dll
2020-07-03 13:33 - 2020-07-03 13:33 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\audio\qtaudio_windows.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qgif.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qico.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qjpeg.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qmng.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qsvg.dll
2020-09-03 18:08 - 2020-09-03 18:08 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\imageformats\qtiff.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\platforms\qwindows.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQml\Models.2\modelsplugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick.2\qtquick2plugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\qml\QtQuick\Window.2\windowplugin.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Core.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Gui.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Multimedia.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Network.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Qml.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Quick.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5QuickControls2.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5QuickTemplates2.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Svg.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Widgets.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5WinExtras.dll
2020-09-03 18:09 - 2020-09-03 18:09 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.12315\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\inComputer:.repos [616612]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2005927889-2017481889-354987220-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-DrsrKlUb6RowjnlFNKeOKdx9S5IshcTcC8okTJ7h4GLOr-KjVS45JcJQpWTY-k2LyavOW63A1WMNJzzfwL6x5Rs8yNrOhA4oR_czGRLTvDGtX8hI_9MFwJPvZ-gcNhWobXwOJDqiAsKltvjqPsHUs,&q={searchTerms}
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-DrsrKlUb6RowjnlFNKeOKdx9S5IshcTcC8okTJ7h4GLOr-KjVS45JcJQpWTY-k2LyWxL6cSS9BWwS_udu8BM-pdNbn6aXOTieu3IeP03mgiLMzUyFMdE9kfqtD7VKzZdYLrHD_LDjtKZJtMJH8DfY,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-DrsrKlUb6RowjnlFNKeOKdx9S5IshcTcC8okTJ7h4GLOr-KjVS45JcJQpWTY-k2LyavOW63A1WMNJzzfwL6x5Rs8yNrOhA4oR_czGRLTvDGtX8hI_9MFwJPvZ-gcNhWobXwOJDqiAsKltvjqPsHUs,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2005927889-2017481889-354987220-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-DrsrKlUb6RowjnlFNKeOKdx9S5IshcTcC8okTJ7h4GLOr-KjVS45JcJQpWTY-k2LyavOW63A1WMNJzzfwL6x5Rs8yNrOhA4oR_czGRLTvDGtX8hI_9MFwJPvZ-gcNhWobXwOJDqiAsKltvjqPsHUs,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2005927889-2017481889-354987220-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxldvM_sEGJZAe-DrsrKlUb6RowjnlFNKeOKdx9S5IshcTcC8okTJ7h4GLOr-KjVS45JcJQpWTY-k2LyavOW63A1WMNJzzfwL6x5Rs8yNrOhA4oR_czGRLTvDGtX8hI_9MFwJPvZ-gcNhWobXwOJDqiAsKltvjqPsHUs,&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-17] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2020-09-12 07:05 - 000001032 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\inComputer\Desktop\mapconverter\map.jpg
DNS Servers: 10.10.10.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "kissq"
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\StartupApproved\Run: => "mqqwoyrb"
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\StartupApproved\Run: => "6218266"
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\StartupApproved\Run: => "1666105"
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\StartupApproved\Run: => "3525376"
HKU\S-1-5-21-2005927889-2017481889-354987220-1001\...\StartupApproved\Run: => "8984564"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{92DEFE60-7D8E-4153-8982-71A49925F581}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{13B495C4-1079-4C5E-8FB1-1644EE7E589B}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{3A2DD15F-1C37-41A1-90DE-E7B955411F2C}] => (Allow) LPort=8318
FirewallRules: [UDP Query User{56B2AFB5-52B8-4465-80E8-E224277A0CAF}C:\users\incomputer\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\incomputer\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{FE28FC7A-4526-4BEC-B505-7260337E86EE}C:\users\incomputer\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\incomputer\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{B4F7F2BA-0C05-4E45-BBBE-CB4E059CA3E6}C:\program files (x86)\java\jre1.8.0_241\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\java.exe
FirewallRules: [TCP Query User{40DFDF48-6186-4159-A74C-0CEB4A47878F}C:\program files (x86)\java\jre1.8.0_241\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\java.exe
FirewallRules: [UDP Query User{7E50365B-AB4B-4A60-86A7-B379C43A8243}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [TCP Query User{E3207E70-4429-4E5F-B9D9-96BA861E5903}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{83382D4B-FE5D-42CE-9CA5-CE9F60B3DEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{436F5830-4847-4CA3-8492-A8D0092B2D42}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{BFE3F626-D118-473C-8A81-7E7C82C534E4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BC1E6160-9418-4BFA-9933-19B36004E754}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F031C392-9A17-4C9E-9C95-EAEDFB569507}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62E66940-4CFB-4390-A35A-B2C1F47EDB9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCA7E7FF-1911-4A62-92DA-35A484E84615}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9166F891-F857-4B62-B9C1-844CAE57D167}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{39E5F34B-4331-41FA-904A-115623F5C59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{E727EA3D-1C9F-4C0D-91F5-D411668E6763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{119B9235-70E2-4808-8658-B4CCEE50CA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{C791C44B-9852-4445-B23B-44316B04DED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [TCP Query User{6EA0E5C4-5E23-4E8E-8526-7C46286B1057}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2110F1BA-2491-431C-848E-E0DE9265214E}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{D64658C7-58E5-43A2-82F4-6FC8286CA30A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [{08029281-B077-4734-821A-003B7EBB8A0B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [TCP Query User{DA65DF37-6765-445D-90BD-B851AC5F5300}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{874322DB-4873-49CF-B65C-6BA5E3707912}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{BCA53DD5-6D06-41DF-8DED-8FCE1F7232FE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{47B1F6F6-88B9-4807-B9C5-31620D3C15A0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{24090DEE-7E53-4CE1-93DF-7264A7BC2444}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{EBDC7BC8-1BC4-4E36-811B-AB56DC3959C9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [{969CD9C2-8D9B-4419-8F32-2DC36E5AFBAF}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{956AAD38-36B4-4146-9F68-C822C55BA2DD}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [UDP Query User{395ADC4A-F1A6-4B88-BF53-884ED9E9C4EB}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [TCP Query User{6245B64A-F5C3-430E-ACD4-90D960E7116B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C8B99D87-0E3C-4DD3-9603-5F17744400CD}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{534A754B-4071-4DE1-856A-DBF5689FF448}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{551F1072-A5A7-4942-A2CC-17B34E4C1F2D}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Block) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{AEA565A9-2039-4ACB-ADF4-9EB193D745F0}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E00CDC95-FECB-4A68-99BC-C0F636EF35BE}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{995AEFCD-6F48-406A-BF91-9328E7EFAC90}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FCD1D789-B94A-4139-92BE-5EB629F2DAF7}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{78C26C27-5386-47C9-B8AE-E39052C8EE13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E69D3FDB-147B-4EEC-AFF6-AFF188EFA6CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E37D1D70-4AD3-4A0C-AC4A-0124B6578648}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{C25EE3E9-0243-4242-8305-9BF57CF09D7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{3B51AED9-FD9A-4BC5-95C8-54329BBD1BFA}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{805E3DAC-1959-4B06-BFE0-639BA73A41C7}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{0B7609B4-F18C-4F94-9D02-88F6BBB72295}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{62B38548-8706-42A8-86C7-B4887ACBEC3B}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{FBEE16CD-7AA1-4982-A8F8-3392F97C6BC8}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{709CF5FB-C35A-4F1A-A64C-9233BC77DFAB}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{D56357B5-E29F-44ED-97AF-92C9D56A8136}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{61EEDD21-ED82-4958-9E89-6E04856CC747}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [UDP Query User{3BA07C5B-1A8E-4B97-95D9-2A279C8965C0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{8F3B3458-16F5-4FDB-8B49-46DB7D91176A}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{2ED3060C-BA9D-45E2-A529-D788F60F4802}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [TCP Query User{3C94CA67-83E2-4A05-A0C6-2F537FE670E1}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [UDP Query User{CF24236C-EF5B-4D42-AD8B-D184567BFE34}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [TCP Query User{DBD5320E-C13E-4A3A-8634-06EE2BD21728}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [UDP Query User{B3E9A8BA-F65E-4D3F-876A-9BA888A96CD8}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{842DDEB9-8127-48DB-95A4-747091C3399E}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{56E54268-13A3-44DB-983B-145943B6E5D3}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [TCP Query User{BC790F88-A3C0-4887-B9BC-EFD8D9FDB655}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{0FD8396B-DE39-4F16-850D-DD4D39C22708}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{02849BC6-E91D-4792-A8BD-0B3073DF675C}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [UDP Query User{B7627FE3-6079-4423-B5D7-E2AEE6BBB41D}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [TCP Query User{8E234A57-1E78-4DDE-B2CE-87EB6BC7B6E3}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{45ABD438-372C-4B07-A5B7-27ADCF19F644}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [{1BECE79A-A0D4-4AC2-B2C9-F6F074ADAE0D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2952114-9B48-48B9-989A-D6216721C32D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC2C71EB-4932-4F09-A01C-21326EABB434}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79A3DE96-CB5B-4A5B-A096-E11F5E26F24D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C950427-00A6-4918-821A-2C5925F0ABCF}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{A0E8D980-CBC3-445A-AEC8-531169716959}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File
FirewallRules: [TCP Query User{23B296E2-5332-471D-A8B4-5D42A4FCA82B}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{EB3D27A1-FA89-4D3C-B561-97BC43248F81}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{DDB25C00-6F73-4034-A7F2-DFB32014681C}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{269249CE-D929-4526-85FD-32CC58437A3E}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File
FirewallRules: [TCP Query User{EC69E8C0-0623-4143-9ABC-635FCE4329C9}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{1F791454-8382-4BBB-B01D-BBAD950A6F43}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

11-09-2020 19:20:50 Instalační služba modulů systému Windows
16-09-2020 16:21:35 Removed LogMeIn Hamachi

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/16/2020 04:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.508, časové razítko: 0x58e7c776
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xc90
Čas spuštění chybující aplikace: 0x01d68c3684bd4611
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: e58235b8-52ed-4b80-9a90-b7ae1addcb6d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2020 04:06:41 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (09/16/2020 04:06:41 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/16/2020 04:03:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.508, časové razítko: 0x58e7c776
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d68c322dd1d97f
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 5972f142-4807-42c2-8bc3-19aeb10b35c4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/15/2020 08:17:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.508, časové razítko: 0x58e7c776
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xc9c
Čas spuštění chybující aplikace: 0x01d68b8c76d33d58
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: bd075660-fc8a-49c1-a4cf-474046cc70ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/15/2020 08:04:08 PM) (Source: Firefox) (EventID: 52) (User: )
Description: Event-ID 52

Error: (09/15/2020 08:04:07 PM) (Source: Firefox) (EventID: 52) (User: )
Description: Event-ID 52

Error: (09/15/2020 08:04:05 PM) (Source: Firefox) (EventID: 52) (User: )
Description: Event-ID 52


System errors:
=============
Error: (09/16/2020 04:36:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba AVG Browser Update (avg) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/16/2020 04:36:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba AVG Browser Update (avg) bylo dosaženo časového limitu (30000 ms).

Error: (09/16/2020 04:35:15 PM) (Source: Schannel) (EventID: 4108) (User: DESKTOP-VQB5LKI)
Description: Certifikát přijatý od vzdáleného serveru nebyl správně ověřený. Kód chyby je 0x80092013. Žádost o připojení TLS selhala. Připojená data obsahují certifikát serveru.

Error: (09/16/2020 04:34:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_5defc byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (09/16/2020 04:05:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba AVG Browser Update (avg) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/16/2020 04:05:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba AVG Browser Update (avg) bylo dosaženo časového limitu (30000 ms).

Error: (09/16/2020 04:03:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_5d7e7 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (09/15/2020 08:20:44 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Optimalizace doručení se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===================================

Date: 2020-09-16 16:34:52.2950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\AppmallosayoV\OntoHatity.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-16 16:03:48.4470000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\AppmallosayoV\OntoHatity.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-15 19:29:14.9150000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-15 19:11:19.7260000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 12:50:47.4530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 12:08:02.1930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 07:48:44.7580000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-12 16:12:48.6920000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SearchIndexer.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Voyasollam\Triolam.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO GLET77WW (2.31 ) 01/27/2015
Motherboard: LENOVO 20AWS1CK0B
Processor: Intel(R) Core(TM) i5-4300M CPU @ 2.60GHz
Percentage of memory in use: 84%
Total physical RAM: 3782.57 MB
Available physical RAM: 579.14 MB
Total Virtual: 7750.57 MB
Available Virtual: 3399.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:166.59 GB) (Free:53.02 GB) NTFS

\\?\Volume{c7a7f059-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{c7a7f059-0000-0000-0000-00c829000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 167.7 GB) (Disk ID: C7A7F059)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=166.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=568 MB) - (Type=27)

==================== End of Addition.txt =======================
Attachments
logs.zip
(38.67 KiB) Downloaded 17 times

Rudy
Site Admin
Posts: 112724
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, web pages keep popping up

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Nicolas77
Visitor
Posts: 5
Joined: 16 Sep 2020 16:23

Re: Please check my log, web pages keep popping up

#3 Post by Nicolas77 »

The only log that came out of it is this one:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-16-2020
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 38
# Failed: 1


***** [ Services ] *****

Deleted AppmallosayoV

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Hiru
Deleted C:\Program Files (x86)\MachinerData
Deleted C:\Program Files (x86)\Seed Trade
Deleted C:\ProgramData\AppmallosayoV
Deleted C:\ProgramData\AppmallosayoVs
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Voyasollam
Deleted C:\ProgramData\Voyasollams
Deleted C:\Windows\Temp\Smartbar
Deleted C:\Windows\rss
Not Deleted C:\ProgramData\023EBD17

***** [ Files ] *****

Deleted C:\Users\inComputer\AppData\Local\Main.dat
Deleted C:\Users\inComputer\appdata\local\installationconfiguration.xml
Deleted C:\Windows\SysWOW64\findit.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted HKCU\Environment|SNF
Deleted HKCU\Environment|SNP
Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8391C356-2E81-497B-973A-7C6C6565DD0B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\AppmallosayoV\OntoHatity.dll"
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|DiskFixer
Deleted HKLM\Software\Wow6432Node\Proxy
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\AppmallosayoV\Overfresh.dll"
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Hiru
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1
Deleted HKLM\Software\Wow6432Node\mtAppmallosayoV
Deleted HKLM\Software\Wow6432Node\mtVoyasollam
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting

***** [ Chromium (and derivatives) ] *****

Deleted NewTab - imhlianhlhdicjchlbmbfaefhhjencbe

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted findit
Deleted findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4754 octets] - [16/09/2020 19:45:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 112724
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, web pages keep popping up

#4 Post by Rudy »

Yes, that is the right one. Post new FRST+Addition logs.

Nicolas77
Visitor
Posts: 5
Joined: 16 Sep 2020 16:23

Re: Please check my log, web pages keep popping up

#5 Post by Nicolas77 »

The result is in the attachment...
Attachments
Logs.rar
(37.39 KiB) Downloaded 20 times

Rudy
Site Admin
Posts: 112724
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, web pages keep popping up

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [kissq] => C:\Users\INCOMP~1\AppData\Local\Temp\kissq.exe*************** <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\Program Files\KG7C69N9GS
C:\Users\inComputer\AppData\Roaming\ci10iiuml0t
C:\Program Files\A3RQMQZQN8
C:\Users\inComputer\AppData\Roaming\amkmbmhmvno
C:\Users\inComputer\AppData\Roaming\g5sirwmp03e
C:\Program Files\7OAXC3U7U4
C:\Users\inComputer\AppData\Roaming\5a45zupmxnf
C:\Program Files\HDY31U76XK
C:\Program Files\SOTT9HJ7NL
C:\Users\inComputer\AppData\Roaming\pltdnwgglcf
C:\Users\inComputer\AppData\Roaming\gbh5mwa0tu4
C:\Program Files\1LFSUCKMJ9
C:\Program Files\XWWBAA94G6
C:\Users\inComputer\AppData\Roaming\s0eoqa3htbj
C:\Users\inComputer\AppData\Roaming\01rqwsiuvbi
C:\Program Files\P3464V6U72
C:\ProgramData\r4s1p4q6s1s1p4q6s1
C:\Users\inComputer\AppData\Roaming\d2ce149623b7
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CustomCLSID: HKU\S-1-5-21-2005927889-2017481889-354987220-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\inComputer:.repos [616612]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FirewallRules: [UDP Query User{83382D4B-FE5D-42CE-9CA5-CE9F60B3DEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{436F5830-4847-4CA3-8492-A8D0092B2D42}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{39E5F34B-4331-41FA-904A-115623F5C59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{E727EA3D-1C9F-4C0D-91F5-D411668E6763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{119B9235-70E2-4808-8658-B4CCEE50CA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{C791C44B-9852-4445-B23B-44316B04DED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{39E5F34B-4331-41FA-904A-115623F5C59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{E727EA3D-1C9F-4C0D-91F5-D411668E6763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{119B9235-70E2-4808-8658-B4CCEE50CA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{C791C44B-9852-4445-B23B-44316B04DED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [TCP Query User{6EA0E5C4-5E23-4E8E-8526-7C46286B1057}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2110F1BA-2491-431C-848E-E0DE9265214E}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{D64658C7-58E5-43A2-82F4-6FC8286CA30A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [{08029281-B077-4734-821A-003B7EBB8A0B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [TCP Query User{DA65DF37-6765-445D-90BD-B851AC5F5300}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{874322DB-4873-49CF-B65C-6BA5E3707912}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{BCA53DD5-6D06-41DF-8DED-8FCE1F7232FE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{47B1F6F6-88B9-4807-B9C5-31620D3C15A0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{24090DEE-7E53-4CE1-93DF-7264A7BC2444}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{EBDC7BC8-1BC4-4E36-811B-AB56DC3959C9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [{969CD9C2-8D9B-4419-8F32-2DC36E5AFBAF}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{956AAD38-36B4-4146-9F68-C822C55BA2DD}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [UDP Query User{395ADC4A-F1A6-4B88-BF53-884ED9E9C4EB}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [TCP Query User{AEA565A9-2039-4ACB-ADF4-9EB193D745F0}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E00CDC95-FECB-4A68-99BC-C0F636EF35BE}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{995AEFCD-6F48-406A-BF91-9328E7EFAC90}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FCD1D789-B94A-4139-92BE-5EB629F2DAF7}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{78C26C27-5386-47C9-B8AE-E39052C8EE13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E69D3FDB-147B-4EEC-AFF6-AFF188EFA6CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{709CF5FB-C35A-4F1A-A64C-9233BC77DFAB}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{D56357B5-E29F-44ED-97AF-92C9D56A8136}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{61EEDD21-ED82-4958-9E89-6E04856CC747}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [UDP Query User{3BA07C5B-1A8E-4B97-95D9-2A279C8965C0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{8F3B3458-16F5-4FDB-8B49-46DB7D91176A}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{2ED3060C-BA9D-45E2-A529-D788F60F4802}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [TCP Query User{3C94CA67-83E2-4A05-A0C6-2F537FE670E1}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [UDP Query User{CF24236C-EF5B-4D42-AD8B-D184567BFE34}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [TCP Query User{DBD5320E-C13E-4A3A-8634-06EE2BD21728}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [UDP Query User{B3E9A8BA-F65E-4D3F-876A-9BA888A96CD8}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{842DDEB9-8127-48DB-95A4-747091C3399E}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{56E54268-13A3-44DB-983B-145943B6E5D3}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [TCP Query User{BC790F88-A3C0-4887-B9BC-EFD8D9FDB655}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{0FD8396B-DE39-4F16-850D-DD4D39C22708}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{02849BC6-E91D-4792-A8BD-0B3073DF675C}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [UDP Query User{B7627FE3-6079-4423-B5D7-E2AEE6BBB41D}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [TCP Query User{8E234A57-1E78-4DDE-B2CE-87EB6BC7B6E3}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{45ABD438-372C-4B07-A5B7-27ADCF19F644}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [{2C950427-00A6-4918-821A-2C5925F0ABCF}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{A0E8D980-CBC3-445A-AEC8-531169716959}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File
FirewallRules: [{DDB25C00-6F73-4034-A7F2-DFB32014681C}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{269249CE-D929-4526-85FD-32CC58437A3E}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File

EmptyTemp:
Hosts:
End
Save it to C:\Users\inComputer\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Nicolas77
Visitor
Posts: 5
Joined: 16 Sep 2020 16:23

Re: Please check my log, web pages keep popping up

#7 Post by Nicolas77 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Ran by inComputer (16-09-2020 22:53:58) Run:2
Running from C:\Users\inComputer\Downloads
Loaded Profiles: inComputer
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [kissq] => C:\Users\INCOMP~1\AppData\Local\Temp\kissq.exe*************** <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\Program Files\KG7C69N9GS
C:\Users\inComputer\AppData\Roaming\ci10iiuml0t
C:\Program Files\A3RQMQZQN8
C:\Users\inComputer\AppData\Roaming\amkmbmhmvno
C:\Users\inComputer\AppData\Roaming\g5sirwmp03e
C:\Program Files\7OAXC3U7U4
C:\Users\inComputer\AppData\Roaming\5a45zupmxnf
C:\Program Files\HDY31U76XK
C:\Program Files\SOTT9HJ7NL
C:\Users\inComputer\AppData\Roaming\pltdnwgglcf
C:\Users\inComputer\AppData\Roaming\gbh5mwa0tu4
C:\Program Files\1LFSUCKMJ9
C:\Program Files\XWWBAA94G6
C:\Users\inComputer\AppData\Roaming\s0eoqa3htbj
C:\Users\inComputer\AppData\Roaming\01rqwsiuvbi
C:\Program Files\P3464V6U72
C:\ProgramData\r4s1p4q6s1s1p4q6s1
C:\Users\inComputer\AppData\Roaming\d2ce149623b7
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CustomCLSID: HKU\S-1-5-21-2005927889-2017481889-354987220-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\inComputer:.repos [616612]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FirewallRules: [UDP Query User{83382D4B-FE5D-42CE-9CA5-CE9F60B3DEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{436F5830-4847-4CA3-8492-A8D0092B2D42}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{39E5F34B-4331-41FA-904A-115623F5C59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{E727EA3D-1C9F-4C0D-91F5-D411668E6763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{119B9235-70E2-4808-8658-B4CCEE50CA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{C791C44B-9852-4445-B23B-44316B04DED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{39E5F34B-4331-41FA-904A-115623F5C59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{E727EA3D-1C9F-4C0D-91F5-D411668E6763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe => No File
FirewallRules: [{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{119B9235-70E2-4808-8658-B4CCEE50CA73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [{C791C44B-9852-4445-B23B-44316B04DED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe => No File
FirewallRules: [TCP Query User{6EA0E5C4-5E23-4E8E-8526-7C46286B1057}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2110F1BA-2491-431C-848E-E0DE9265214E}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [{D64658C7-58E5-43A2-82F4-6FC8286CA30A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [{08029281-B077-4734-821A-003B7EBB8A0B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [TCP Query User{DA65DF37-6765-445D-90BD-B851AC5F5300}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [UDP Query User{874322DB-4873-49CF-B65C-6BA5E3707912}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => No File
FirewallRules: [TCP Query User{BCA53DD5-6D06-41DF-8DED-8FCE1F7232FE}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{47B1F6F6-88B9-4807-B9C5-31620D3C15A0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{24090DEE-7E53-4CE1-93DF-7264A7BC2444}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{EBDC7BC8-1BC4-4E36-811B-AB56DC3959C9}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [{969CD9C2-8D9B-4419-8F32-2DC36E5AFBAF}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe => No File
FirewallRules: [TCP Query User{956AAD38-36B4-4146-9F68-C822C55BA2DD}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [UDP Query User{395ADC4A-F1A6-4B88-BF53-884ED9E9C4EB}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe] => (Allow) C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe => No File
FirewallRules: [TCP Query User{AEA565A9-2039-4ACB-ADF4-9EB193D745F0}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{E00CDC95-FECB-4A68-99BC-C0F636EF35BE}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [TCP Query User{995AEFCD-6F48-406A-BF91-9328E7EFAC90}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [UDP Query User{FCD1D789-B94A-4139-92BE-5EB629F2DAF7}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
FirewallRules: [{78C26C27-5386-47C9-B8AE-E39052C8EE13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E69D3FDB-147B-4EEC-AFF6-AFF188EFA6CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{709CF5FB-C35A-4F1A-A64C-9233BC77DFAB}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{D56357B5-E29F-44ED-97AF-92C9D56A8136}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe] => (Allow) C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{61EEDD21-ED82-4958-9E89-6E04856CC747}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [UDP Query User{3BA07C5B-1A8E-4B97-95D9-2A279C8965C0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{8F3B3458-16F5-4FDB-8B49-46DB7D91176A}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [{2ED3060C-BA9D-45E2-A529-D788F60F4802}] => (Block) C:\riot games\league of legends\game\league of legends.exe => No File
FirewallRules: [TCP Query User{3C94CA67-83E2-4A05-A0C6-2F537FE670E1}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [UDP Query User{CF24236C-EF5B-4D42-AD8B-D184567BFE34}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe] => (Block) C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe => No File
FirewallRules: [TCP Query User{DBD5320E-C13E-4A3A-8634-06EE2BD21728}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [UDP Query User{B3E9A8BA-F65E-4D3F-876A-9BA888A96CD8}C:\program files\epic games\theescapists2\theescapists2.exe] => (Allow) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{842DDEB9-8127-48DB-95A4-747091C3399E}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [{56E54268-13A3-44DB-983B-145943B6E5D3}] => (Block) C:\program files\epic games\theescapists2\theescapists2.exe => No File
FirewallRules: [TCP Query User{BC790F88-A3C0-4887-B9BC-EFD8D9FDB655}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{0FD8396B-DE39-4F16-850D-DD4D39C22708}C:\program files\epic games\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files\epic games\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [TCP Query User{02849BC6-E91D-4792-A8BD-0B3073DF675C}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [UDP Query User{B7627FE3-6079-4423-B5D7-E2AEE6BBB41D}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe => No File
FirewallRules: [TCP Query User{8E234A57-1E78-4DDE-B2CE-87EB6BC7B6E3}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{45ABD438-372C-4B07-A5B7-27ADCF19F644}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => No File
FirewallRules: [{2C950427-00A6-4918-821A-2C5925F0ABCF}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{A0E8D980-CBC3-445A-AEC8-531169716959}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File
FirewallRules: [{DDB25C00-6F73-4034-A7F2-DFB32014681C}] => (Allow) C:\WINDOWS\rss\csrss.exe => No File
FirewallRules: [{269249CE-D929-4526-85FD-32CC58437A3E}] => (Allow) C:\Users\inComputer\AppData\Roaming\d2ce149623b7\d2ce149623b7.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\kissq" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => not found
HKLM\SOFTWARE\Policies\Google => not found
"C:\Program Files\KG7C69N9GS" => not found
"C:\Users\inComputer\AppData\Roaming\ci10iiuml0t" => not found
"C:\Program Files\A3RQMQZQN8" => not found
"C:\Users\inComputer\AppData\Roaming\amkmbmhmvno" => not found
"C:\Users\inComputer\AppData\Roaming\g5sirwmp03e" => not found
"C:\Program Files\7OAXC3U7U4" => not found
"C:\Users\inComputer\AppData\Roaming\5a45zupmxnf" => not found
"C:\Program Files\HDY31U76XK" => not found
"C:\Program Files\SOTT9HJ7NL" => not found
"C:\Users\inComputer\AppData\Roaming\pltdnwgglcf" => not found
"C:\Users\inComputer\AppData\Roaming\gbh5mwa0tu4" => not found
"C:\Program Files\1LFSUCKMJ9" => not found
"C:\Program Files\XWWBAA94G6" => not found
"C:\Users\inComputer\AppData\Roaming\s0eoqa3htbj" => not found
"C:\Users\inComputer\AppData\Roaming\01rqwsiuvbi" => not found
"C:\Program Files\P3464V6U72" => not found
"C:\ProgramData\r4s1p4q6s1s1p4q6s1" => not found
"C:\Users\inComputer\AppData\Roaming\d2ce149623b7" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKU\S-1-5-21-2005927889-2017481889-354987220-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
"C:\Users\inComputer" => ":.repos" ADS not found.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{83382D4B-FE5D-42CE-9CA5-CE9F60B3DEFF}C:\programdata\wargaming.net\gamecenter\wgc.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{436F5830-4847-4CA3-8492-A8D0092B2D42}C:\programdata\wargaming.net\gamecenter\wgc.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39E5F34B-4331-41FA-904A-115623F5C59C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E727EA3D-1C9F-4C0D-91F5-D411668E6763}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{119B9235-70E2-4808-8658-B4CCEE50CA73}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C791C44B-9852-4445-B23B-44316B04DED8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39E5F34B-4331-41FA-904A-115623F5C59C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E727EA3D-1C9F-4C0D-91F5-D411668E6763}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5C7D938-174E-46A0-ABB2-5F6DBE1FA2DF}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{609A0826-7631-4FF6-B22C-C7E3FF2FADBC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A181CC1A-9D1A-48B8-BB3B-192F4BAE61B9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{119B9235-70E2-4808-8658-B4CCEE50CA73}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77A9D203-DABD-4E37-B5CC-D4528C16FAE5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C791C44B-9852-4445-B23B-44316B04DED8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6EA0E5C4-5E23-4E8E-8526-7C46286B1057}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2110F1BA-2491-431C-848E-E0DE9265214E}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D64658C7-58E5-43A2-82F4-6FC8286CA30A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08029281-B077-4734-821A-003B7EBB8A0B}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA65DF37-6765-445D-90BD-B851AC5F5300}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{874322DB-4873-49CF-B65C-6BA5E3707912}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BCA53DD5-6D06-41DF-8DED-8FCE1F7232FE}C:\program files (x86)\overwatch\overwatch.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47B1F6F6-88B9-4807-B9C5-31620D3C15A0}C:\program files (x86)\overwatch\overwatch.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{24090DEE-7E53-4CE1-93DF-7264A7BC2444}C:\program files (x86)\overwatch\overwatch.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EBDC7BC8-1BC4-4E36-811B-AB56DC3959C9}C:\program files (x86)\overwatch\overwatch.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{969CD9C2-8D9B-4419-8F32-2DC36E5AFBAF}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{956AAD38-36B4-4146-9F68-C822C55BA2DD}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{395ADC4A-F1A6-4B88-BF53-884ED9E9C4EB}C:\users\incomputer\appdata\local\roblox\versions\version-6d02431b656044a6\robloxstudiobeta.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AEA565A9-2039-4ACB-ADF4-9EB193D745F0}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E00CDC95-FECB-4A68-99BC-C0F636EF35BE}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{995AEFCD-6F48-406A-BF91-9328E7EFAC90}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FCD1D789-B94A-4139-92BE-5EB629F2DAF7}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78C26C27-5386-47C9-B8AE-E39052C8EE13}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E69D3FDB-147B-4EEC-AFF6-AFF188EFA6CD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{709CF5FB-C35A-4F1A-A64C-9233BC77DFAB}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D56357B5-E29F-44ED-97AF-92C9D56A8136}C:\users\incomputer\desktop\scrap.mechanic.v0.3.5\release\scrapmechanic.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{61EEDD21-ED82-4958-9E89-6E04856CC747}C:\riot games\league of legends\game\league of legends.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3BA07C5B-1A8E-4B97-95D9-2A279C8965C0}C:\riot games\league of legends\game\league of legends.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F3B3458-16F5-4FDB-8B49-46DB7D91176A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2ED3060C-BA9D-45E2-A529-D788F60F4802}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3C94CA67-83E2-4A05-A0C6-2F537FE670E1}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CF24236C-EF5B-4D42-AD8B-D184567BFE34}C:\users\incomputer\desktop\storage\all\hry\scp\scp - containment breach multiplayer\multiplayer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DBD5320E-C13E-4A3A-8634-06EE2BD21728}C:\program files\epic games\theescapists2\theescapists2.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B3E9A8BA-F65E-4D3F-876A-9BA888A96CD8}C:\program files\epic games\theescapists2\theescapists2.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{842DDEB9-8127-48DB-95A4-747091C3399E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56E54268-13A3-44DB-983B-145943B6E5D3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BC790F88-A3C0-4887-B9BC-EFD8D9FDB655}C:\program files\epic games\paladins\binaries\win64\paladins.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0FD8396B-DE39-4F16-850D-DD4D39C22708}C:\program files\epic games\paladins\binaries\win64\paladins.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{02849BC6-E91D-4792-A8BD-0B3073DF675C}C:\program files\secondlifeviewer\slvoice.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B7627FE3-6079-4423-B5D7-E2AEE6BBB41D}C:\program files\secondlifeviewer\slvoice.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8E234A57-1E78-4DDE-B2CE-87EB6BC7B6E3}C:\program files\epic games\thealtocollection\the alto collection.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{45ABD438-372C-4B07-A5B7-27ADCF19F644}C:\program files\epic games\thealtocollection\the alto collection.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C950427-00A6-4918-821A-2C5925F0ABCF}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0E8D980-CBC3-445A-AEC8-531169716959}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDB25C00-6F73-4034-A7F2-DFB32014681C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{269249CE-D929-4526-85FD-32CC58437A3E}" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7455102 B
Java, Flash, Steam htmlcache => 1607201 B
Windows/system/drivers => 0 B
Edge => 8192 B
Chrome => 0 B
Firefox => 17536521 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
inComputer => 3438284 B

RecycleBin => 0 B
EmptyTemp: => 39.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:56:38 ====

Rudy
Site Admin
Posts: 112724
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, web pages keep popping up

#8 Post by Rudy »

Deleted. Has anything changed? :)
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Nicolas77
Visitor
Posts: 5
Joined: 16 Sep 2020 16:23

Re: Please check my log, web pages keep popping up

#9 Post by Nicolas77 »

Thanks a lot. I was away, so sorry for the late reply; everything is working so far. :)

Rudy
Site Admin

Re: Please check my log, web pages keep popping up

#10 Post by Rudy »

No problem, I'm glad the issue is resolved. :)