Zdravím,
Stala se mi nemilá věc, poprvé v životě. Pravděpodobně kvůli neoficiální češtině nebo updatu do hry se mi někdo během dvou dnů dostal na Discord a Instagram a rozesílal z něj podvodné fotky ohledně crypta. Změnil jsem všude heslo a nastavil 2FA.
Windows Defender mi zablokoval po včerejším spuštění PC 2 soubory, s názvem
Trojan:Script/Phonzy.B!ml
Trojan:Win32/Wacatac
Kamarád mi vás doporučil, že by jste dokázali zjistit zda se problém vyřešil, nebo furt přetrvává.
Děkuji Vám moc za pomoc.
MALWARE V PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
MALWARE V PC
- Přílohy
-
- FRST a Addition.zip
- FRST a Addition
- (21.94 KiB) Staženo 3 x
-
Rudy
- Site Admin
- Příspěvky: 120008
- Registrován: 30 Říj 2003 13:42
- Místo/Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MALWARE V PC
Zdravím!
Udělejte sken ADWC:
Udělejte sken ADWC:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MALWARE V PC
Zde je log------
# -------------------------------
# Malwarebytes AdwCleaner 8.8.1.639
# -------------------------------
# Build: 05-13-2026
# Database: 2026-05-07.3 (Cloud)
# Support: https://help.malwarebytes.com/
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-16-2026
# Duration: 00:00:00
# OS: Windows 11 (Build 26200.8655)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1416 octets] - [16/06/2026 16:57:37]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.8.1.639
# -------------------------------
# Build: 05-13-2026
# Database: 2026-05-07.3 (Cloud)
# Support: https://help.malwarebytes.com/
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-16-2026
# Duration: 00:00:00
# OS: Windows 11 (Build 26200.8655)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1416 octets] - [16/06/2026 16:57:37]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 120008
- Registrován: 30 Říj 2003 13:42
- Místo/Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MALWARE V PC
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\mijas\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [4282]
AlternateDataStreams: C:\Users\mijas\Downloads\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6772]
FirewallRules: [UDP Query User{9F128EE7-7BCF-44D5-9F71-097F229BA018}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [TCP Query User{27D8A1D9-9E4D-4B6E-AED9-F60CC8CBFC2C}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE986848-109C-483C-B8DF-09205DBB460D}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [TCP Query User{A61795AC-094F-47D3-98B2-0460B5E169D6}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [UDP Query User{D40BAC1F-2C9B-470A-98EC-15D78DB8BCB6}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [TCP Query User{FCC07ED9-AC77-4767-88A7-3C1DD32B9D3F}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [UDP Query User{72C549CA-8100-4B5A-B70D-629898620239}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [TCP Query User{9AA6CAE6-6AC6-4EEB-8BDE-BD9C60A9CAEC}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [UDP Query User{16DFEF5A-D940-45B5-B293-CFFE615F8057}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [TCP Query User{5CE8FFF5-E524-4274-AC7A-01A76991A673}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [UDP Query User{9E23A91C-2195-4378-B6E7-85DE51C52F01}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{CEF5D7AA-7618-46C1-A45F-F4D6039C88BA}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{943B8667-7682-4DA9-9B90-08478332EA93}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [TCP Query User{453FEDCD-C75C-4FDA-B250-7ABC6D50BE95}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [{D603CC5E-9889-47BD-A243-667E0695907E}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{1E993C6A-8FCA-4562-AD09-38A500DFC283}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{234E976A-F2B5-438C-83C5-57A8677A2404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{431ED0B1-8196-4B4D-9A98-60061210701B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [UDP Query User{DF608FCE-7556-4B1F-B760-8EA0920750BB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{EE9CC988-7955-4470-9E6E-5A65982190B0}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{C9B072EA-B302-48F9-82CE-7B51260270C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{049F53B4-C106-45EB-8940-FDD158612426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [UDP Query User{5C4FC96E-64EE-49FD-B52C-BB4FD4C03DF2}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [TCP Query User{C615E07E-30ED-41EE-937D-F89023068E67}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [UDP Query User{73F7C471-FF91-45AC-8061-46CCEBE21151}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C2E985AF-89A7-4334-B2B3-6A185D25D746}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [{3522DF03-BD0E-43AE-8BC7-22141B58168F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{8A1024C9-7B16-46E6-95EB-F71C2B1CD91F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{7AAA622F-2719-4185-9795-3535D05A8B1B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{278D06D3-F396-454C-B196-A681D4DBF2DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{C1F049DA-59C3-4BED-A6A6-C67212931477}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4CFF4A76-21E2-444C-B90D-C95CCDB19807}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{A5605D34-859F-4D56-8138-9F03FF65EB88}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [UDP Query User{4077B534-F539-4D49-A537-2BB43755A02F}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [TCP Query User{1B5F5B31-DCDA-48C9-BFFC-B3888A3FCBF4}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{B1020FC8-F5B7-46B3-9CC5-D9C3EE062A8D}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{460ECCEB-89C6-4EF9-8A3F-49EFF80F19E5}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{859399C1-4C2A-4D39-96CC-181350DCE894}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{6D309ACE-30AD-4E26-8799-27B8623C66CC}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{F6A30B24-C7C3-4B75-A39A-1E0870E48F5C}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{E91BD361-121A-4713-939E-5E0708C3213A}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{AB0D5655-CCAE-4FF9-845E-C999C0FCCE89}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MALWARE V PC
Snad posílám správný, toto by měl být on.
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-06-2026
Ran by mijas (16-06-2026 18:22:13) Run:1
Running from C:\Users\mijas\Downloads
Loaded Profiles: mijas
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [4282]
AlternateDataStreams: C:\Users\mijas\Downloads\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6772]
FirewallRules: [UDP Query User{9F128EE7-7BCF-44D5-9F71-097F229BA018}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [TCP Query User{27D8A1D9-9E4D-4B6E-AED9-F60CC8CBFC2C}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE986848-109C-483C-B8DF-09205DBB460D}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [TCP Query User{A61795AC-094F-47D3-98B2-0460B5E169D6}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [UDP Query User{D40BAC1F-2C9B-470A-98EC-15D78DB8BCB6}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [TCP Query User{FCC07ED9-AC77-4767-88A7-3C1DD32B9D3F}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [UDP Query User{72C549CA-8100-4B5A-B70D-629898620239}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [TCP Query User{9AA6CAE6-6AC6-4EEB-8BDE-BD9C60A9CAEC}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [UDP Query User{16DFEF5A-D940-45B5-B293-CFFE615F8057}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [TCP Query User{5CE8FFF5-E524-4274-AC7A-01A76991A673}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [UDP Query User{9E23A91C-2195-4378-B6E7-85DE51C52F01}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{CEF5D7AA-7618-46C1-A45F-F4D6039C88BA}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{943B8667-7682-4DA9-9B90-08478332EA93}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [TCP Query User{453FEDCD-C75C-4FDA-B250-7ABC6D50BE95}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [{D603CC5E-9889-47BD-A243-667E0695907E}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{1E993C6A-8FCA-4562-AD09-38A500DFC283}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{234E976A-F2B5-438C-83C5-57A8677A2404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{431ED0B1-8196-4B4D-9A98-60061210701B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [UDP Query User{DF608FCE-7556-4B1F-B760-8EA0920750BB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{EE9CC988-7955-4470-9E6E-5A65982190B0}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{C9B072EA-B302-48F9-82CE-7B51260270C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{049F53B4-C106-45EB-8940-FDD158612426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [UDP Query User{5C4FC96E-64EE-49FD-B52C-BB4FD4C03DF2}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [TCP Query User{C615E07E-30ED-41EE-937D-F89023068E67}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [UDP Query User{73F7C471-FF91-45AC-8061-46CCEBE21151}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C2E985AF-89A7-4334-B2B3-6A185D25D746}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [{3522DF03-BD0E-43AE-8BC7-22141B58168F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{8A1024C9-7B16-46E6-95EB-F71C2B1CD91F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{7AAA622F-2719-4185-9795-3535D05A8B1B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{278D06D3-F396-454C-B196-A681D4DBF2DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{C1F049DA-59C3-4BED-A6A6-C67212931477}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4CFF4A76-21E2-444C-B90D-C95CCDB19807}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{A5605D34-859F-4D56-8138-9F03FF65EB88}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [UDP Query User{4077B534-F539-4D49-A537-2BB43755A02F}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [TCP Query User{1B5F5B31-DCDA-48C9-BFFC-B3888A3FCBF4}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{B1020FC8-F5B7-46B3-9CC5-D9C3EE062A8D}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{460ECCEB-89C6-4EF9-8A3F-49EFF80F19E5}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{859399C1-4C2A-4D39-96CC-181350DCE894}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{6D309ACE-30AD-4E26-8799-27B8623C66CC}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{F6A30B24-C7C3-4B75-A39A-1E0870E48F5C}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{E91BD361-121A-4713-939E-5E0708C3213A}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{AB0D5655-CCAE-4FF9-845E-C999C0FCCE89}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\EAAntiCheat => removed successfully
EAAntiCheat => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk => ":718E15FDE8" ADS removed successfully
"C:\Users\mijas\Downloads\FRST64.exe" => ":MBAM.Zone.Identifier" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F128EE7-7BCF-44D5-9F71-097F229BA018}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27D8A1D9-9E4D-4B6E-AED9-F60CC8CBFC2C}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE986848-109C-483C-B8DF-09205DBB460D}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A61795AC-094F-47D3-98B2-0460B5E169D6}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D40BAC1F-2C9B-470A-98EC-15D78DB8BCB6}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FCC07ED9-AC77-4767-88A7-3C1DD32B9D3F}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{72C549CA-8100-4B5A-B70D-629898620239}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AA6CAE6-6AC6-4EEB-8BDE-BD9C60A9CAEC}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{16DFEF5A-D940-45B5-B293-CFFE615F8057}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5CE8FFF5-E524-4274-AC7A-01A76991A673}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E23A91C-2195-4378-B6E7-85DE51C52F01}C:\games\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CEF5D7AA-7618-46C1-A45F-F4D6039C88BA}C:\games\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{943B8667-7682-4DA9-9B90-08478332EA93}C:\games\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{453FEDCD-C75C-4FDA-B250-7ABC6D50BE95}C:\games\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D603CC5E-9889-47BD-A243-667E0695907E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E993C6A-8FCA-4562-AD09-38A500DFC283}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{234E976A-F2B5-438C-83C5-57A8677A2404}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{431ED0B1-8196-4B4D-9A98-60061210701B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF608FCE-7556-4B1F-B760-8EA0920750BB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE9CC988-7955-4470-9E6E-5A65982190B0}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9B072EA-B302-48F9-82CE-7B51260270C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{049F53B4-C106-45EB-8940-FDD158612426}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C4FC96E-64EE-49FD-B52C-BB4FD4C03DF2}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C615E07E-30ED-41EE-937D-F89023068E67}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{73F7C471-FF91-45AC-8061-46CCEBE21151}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2E985AF-89A7-4334-B2B3-6A185D25D746}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3522DF03-BD0E-43AE-8BC7-22141B58168F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A1024C9-7B16-46E6-95EB-F71C2B1CD91F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AAA622F-2719-4185-9795-3535D05A8B1B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{278D06D3-F396-454C-B196-A681D4DBF2DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C1F049DA-59C3-4BED-A6A6-C67212931477}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CFF4A76-21E2-444C-B90D-C95CCDB19807}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A5605D34-859F-4D56-8138-9F03FF65EB88}C:\program files\ea games\battlefield 6 event\bf6event.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4077B534-F539-4D49-A537-2BB43755A02F}C:\program files\ea games\battlefield 6 event\bf6event.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1B5F5B31-DCDA-48C9-BFFC-B3888A3FCBF4}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B1020FC8-F5B7-46B3-9CC5-D9C3EE062A8D}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{460ECCEB-89C6-4EF9-8A3F-49EFF80F19E5}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{859399C1-4C2A-4D39-96CC-181350DCE894}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D309ACE-30AD-4E26-8799-27B8623C66CC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6A30B24-C7C3-4B75-A39A-1E0870E48F5C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E91BD361-121A-4713-939E-5E0708C3213A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB0D5655-CCAE-4FF9-845E-C999C0FCCE89}" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd" => not found
\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 717941055 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 926829524 B
Windows/system/drivers => 17735288 B
Edge => 625041350 B
Chrome => 1149748276 B
Firefox => 0 B
Opera => 0 B
Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 2276 B
systemprofile32 => 0 B
LocalService => 33950 B
NetworkService => 481302 B
mijas => 1247115905 B
RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:23:51 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-06-2026
Ran by mijas (16-06-2026 18:22:13) Run:1
Running from C:\Users\mijas\Downloads
Loaded Profiles: mijas
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys (No File)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [4282]
AlternateDataStreams: C:\Users\mijas\Downloads\FRST64.exe:MBAM.Zone.Identifier [450]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6772]
FirewallRules: [UDP Query User{9F128EE7-7BCF-44D5-9F71-097F229BA018}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [TCP Query User{27D8A1D9-9E4D-4B6E-AED9-F60CC8CBFC2C}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE986848-109C-483C-B8DF-09205DBB460D}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [TCP Query User{A61795AC-094F-47D3-98B2-0460B5E169D6}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe] => (Allow) C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe => No File
FirewallRules: [UDP Query User{D40BAC1F-2C9B-470A-98EC-15D78DB8BCB6}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [TCP Query User{FCC07ED9-AC77-4767-88A7-3C1DD32B9D3F}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe] => (Allow) C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe => No File
FirewallRules: [UDP Query User{72C549CA-8100-4B5A-B70D-629898620239}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [TCP Query User{9AA6CAE6-6AC6-4EEB-8BDE-BD9C60A9CAEC}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe] => (Block) C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe => No File
FirewallRules: [UDP Query User{16DFEF5A-D940-45B5-B293-CFFE615F8057}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [TCP Query User{5CE8FFF5-E524-4274-AC7A-01A76991A673}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe] => (Allow) C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [UDP Query User{9E23A91C-2195-4378-B6E7-85DE51C52F01}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{CEF5D7AA-7618-46C1-A45F-F4D6039C88BA}C:\games\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{943B8667-7682-4DA9-9B90-08478332EA93}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [TCP Query User{453FEDCD-C75C-4FDA-B250-7ABC6D50BE95}C:\games\baldurs gate 3\bin\bg3.exe] => (Allow) C:\games\baldurs gate 3\bin\bg3.exe => No File
FirewallRules: [{D603CC5E-9889-47BD-A243-667E0695907E}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{1E993C6A-8FCA-4562-AD09-38A500DFC283}] => (Allow) C:\Users\mijas\AppData\Roaming\bittorrent\BitTorrent.exe => No File
FirewallRules: [{234E976A-F2B5-438C-83C5-57A8677A2404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{431ED0B1-8196-4B4D-9A98-60061210701B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [UDP Query User{DF608FCE-7556-4B1F-B760-8EA0920750BB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{EE9CC988-7955-4470-9E6E-5A65982190B0}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{C9B072EA-B302-48F9-82CE-7B51260270C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{049F53B4-C106-45EB-8940-FDD158612426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [UDP Query User{5C4FC96E-64EE-49FD-B52C-BB4FD4C03DF2}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [TCP Query User{C615E07E-30ED-41EE-937D-F89023068E67}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe] => (Allow) C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe => No File
FirewallRules: [UDP Query User{73F7C471-FF91-45AC-8061-46CCEBE21151}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C2E985AF-89A7-4334-B2B3-6A185D25D746}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File
FirewallRules: [{3522DF03-BD0E-43AE-8BC7-22141B58168F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{8A1024C9-7B16-46E6-95EB-F71C2B1CD91F}] => (Allow) C:\Users\mijas\AppData\Local\Temp\bittorrent\bittorrent.exe => No File
FirewallRules: [{7AAA622F-2719-4185-9795-3535D05A8B1B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{278D06D3-F396-454C-B196-A681D4DBF2DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{C1F049DA-59C3-4BED-A6A6-C67212931477}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4CFF4A76-21E2-444C-B90D-C95CCDB19807}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{A5605D34-859F-4D56-8138-9F03FF65EB88}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [UDP Query User{4077B534-F539-4D49-A537-2BB43755A02F}C:\program files\ea games\battlefield 6 event\bf6event.exe] => (Allow) C:\program files\ea games\battlefield 6 event\bf6event.exe => No File
FirewallRules: [TCP Query User{1B5F5B31-DCDA-48C9-BFFC-B3888A3FCBF4}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{B1020FC8-F5B7-46B3-9CC5-D9C3EE062A8D}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{460ECCEB-89C6-4EF9-8A3F-49EFF80F19E5}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{859399C1-4C2A-4D39-96CC-181350DCE894}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{6D309ACE-30AD-4E26-8799-27B8623C66CC}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{F6A30B24-C7C3-4B75-A39A-1E0870E48F5C}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{E91BD361-121A-4713-939E-5E0708C3213A}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
FirewallRules: [{AB0D5655-CCAE-4FF9-845E-C999C0FCCE89}] => (Block) C:\Program Files (x86)\Overwolf\0.296.3.3\OverwolfBrowser.exe => No File
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk
C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start
C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd
\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\EAAntiCheat => removed successfully
EAAntiCheat => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk => ":718E15FDE8" ADS removed successfully
"C:\Users\mijas\Downloads\FRST64.exe" => ":MBAM.Zone.Identifier" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F128EE7-7BCF-44D5-9F71-097F229BA018}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27D8A1D9-9E4D-4B6E-AED9-F60CC8CBFC2C}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE986848-109C-483C-B8DF-09205DBB460D}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A61795AC-094F-47D3-98B2-0460B5E169D6}C:\programdata\sony interactive entertainment inc\pspc_sdk\s22\2.50.00.10\webview2runtime\msedgewebview2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D40BAC1F-2C9B-470A-98EC-15D78DB8BCB6}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FCC07ED9-AC77-4767-88A7-3C1DD32B9D3F}C:\users\mijas\appdata\local\discord\app-1.0.9159\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{72C549CA-8100-4B5A-B70D-629898620239}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AA6CAE6-6AC6-4EEB-8BDE-BD9C60A9CAEC}C:\users\mijas\appdata\local\discord\app-1.0.9155\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{16DFEF5A-D940-45B5-B293-CFFE615F8057}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5CE8FFF5-E524-4274-AC7A-01A76991A673}C:\program files (x86)\dodi-repacks\total war warhammer ii\warhammer2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E23A91C-2195-4378-B6E7-85DE51C52F01}C:\games\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CEF5D7AA-7618-46C1-A45F-F4D6039C88BA}C:\games\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{943B8667-7682-4DA9-9B90-08478332EA93}C:\games\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{453FEDCD-C75C-4FDA-B250-7ABC6D50BE95}C:\games\baldurs gate 3\bin\bg3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D603CC5E-9889-47BD-A243-667E0695907E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E993C6A-8FCA-4562-AD09-38A500DFC283}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{234E976A-F2B5-438C-83C5-57A8677A2404}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{431ED0B1-8196-4B4D-9A98-60061210701B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF608FCE-7556-4B1F-B760-8EA0920750BB}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE9CC988-7955-4470-9E6E-5A65982190B0}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9B072EA-B302-48F9-82CE-7B51260270C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{049F53B4-C106-45EB-8940-FDD158612426}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C4FC96E-64EE-49FD-B52C-BB4FD4C03DF2}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C615E07E-30ED-41EE-937D-F89023068E67}C:\users\mijas\appdata\roaming\bittorrent\updates\bittorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{73F7C471-FF91-45AC-8061-46CCEBE21151}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2E985AF-89A7-4334-B2B3-6A185D25D746}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3522DF03-BD0E-43AE-8BC7-22141B58168F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A1024C9-7B16-46E6-95EB-F71C2B1CD91F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AAA622F-2719-4185-9795-3535D05A8B1B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{278D06D3-F396-454C-B196-A681D4DBF2DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C1F049DA-59C3-4BED-A6A6-C67212931477}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CFF4A76-21E2-444C-B90D-C95CCDB19807}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A5605D34-859F-4D56-8138-9F03FF65EB88}C:\program files\ea games\battlefield 6 event\bf6event.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4077B534-F539-4D49-A537-2BB43755A02F}C:\program files\ea games\battlefield 6 event\bf6event.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1B5F5B31-DCDA-48C9-BFFC-B3888A3FCBF4}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B1020FC8-F5B7-46B3-9CC5-D9C3EE062A8D}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{460ECCEB-89C6-4EF9-8A3F-49EFF80F19E5}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{859399C1-4C2A-4D39-96CC-181350DCE894}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D309ACE-30AD-4E26-8799-27B8623C66CC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6A30B24-C7C3-4B75-A39A-1E0870E48F5C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E91BD361-121A-4713-939E-5E0708C3213A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB0D5655-CCAE-4FF9-845E-C999C0FCCE89}" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Windows\Start" => not found
"C:\Users\mijas\AppData\Roaming\Microsoft\Crypto\svchost.cmd" => not found
\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 717941055 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 926829524 B
Windows/system/drivers => 17735288 B
Edge => 625041350 B
Chrome => 1149748276 B
Firefox => 0 B
Opera => 0 B
Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 2276 B
systemprofile32 => 0 B
LocalService => 33950 B
NetworkService => 481302 B
mijas => 1247115905 B
RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:23:51 ====
-
Rudy
- Site Admin
- Příspěvky: 120008
- Registrován: 30 Říj 2003 13:42
- Místo/Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MALWARE V PC
Je to ten správný a vše bylo smazáno. Pokud se něco v PC neskrývá, mělo by být čisto.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MALWARE V PC
Myslíte tím, že vše bylo smazáno, že se jednalo i o nějaké infikované? Nebo je to myšleno obecně?
Každopádně děkuji Vám moc!! oceňuji práci
Každopádně děkuji Vám moc!! oceňuji práci
-
Rudy
- Site Admin
- Příspěvky: 120008
- Registrován: 30 Říj 2003 13:42
- Místo/Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MALWARE V PC
Je to myšleno tak, že FRST smazal především všechny zbytečnosti a zbytky po něčem, co by nemuselo být právě košér. Samozřejmě existuje malware. které se skrývá před běžnými detektory. Pokud by se něco projevilo, ozvěte se, museli bychom použít soft, který je odkryje a smaže. Většinou postačí tyto skeny. Vtip je v tom, že chodíte/chodil jste na péčka a používáte torrent. To jsou nejnebezpečnější destinace na internetu. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?