
Preventive check with RSIT and FRST64

Posted: 20 Mar 2023 18:44
by truddy
rsit.rar
(37.35 KiB) Downloaded 29 times

Re: Preventive check with RSIT and FRST64

Posted: 20 Mar 2023 19:28
by Rudy
Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9A082987-5A93-4AFD-8F32-3B0C875D9D65} - System32\Tasks\Opera scheduled Autoupdate 1643828851 => C:\Users\hvojn\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
ContextMenuHandlers1_S-1-5-21-1059078134-1858205780-1447121356-1003: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => -> No File
ContextMenuHandlers6_S-1-5-21-1059078134-1858205780-1447121356-1003: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => -> No File

AlternateDataStreams: C:\ProgramData:err [1612]
AlternateDataStreams: C:\Users\All Users:err [1612]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1612]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\Users\hvojn\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\hvojn\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2714]
FirewallRules: [UDP Query User{40428084-7E87-4165-9D26-96E426C9026B}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{341A2BD8-086E-4F17-A3B5-E5925796EB59}C:\users\hvojn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hvojn\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{79671C20-F97A-4613-B9AD-262F271D6F04}C:\users\hvojn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hvojn\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [TCP Query User{21A4F674-39FD-43EA-9D6A-F3DFCB6A5A48}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0E361CE6-D225-4AA2-B4D7-78A83B14E5AC}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{C749DE1A-39C5-4E3C-B77B-53B97ABF726C}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{7D18B48F-FABE-451D-BE49-C2D67F9ABB27}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97C22F27-B17D-46E9-B7B4-20BE7E001DC3}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{D5BB8BE3-933E-4091-816A-4D27B18E0B48}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{94B37D8B-4E7D-4FDF-929B-584DABE0BB3D}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1575D2BE-C453-4845-9009-BAEA513F4224}C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\nová složka\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{C2793088-E74F-47A2-BFC6-9B848792C4FC}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{681F6927-3617-49AF-B60B-E209D7FA2846}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{45588A53-9035-4427-A1EA-F3450555DF7B}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{5218FCC9-4335-4A4D-A6A1-326AEAA1A257}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{8B9B8F55-842E-47EC-A5FB-7F01ECACEEFC}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{A86A93EE-E029-4D60-BC85-16276FC9CC3B}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{42605B7D-1C37-453E-A0F0-4517E46F77A3}C:6\forzahorizon5.exe] => (Allow) C:6\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{BC6D2591-EB6E-467A-8031-320086199606}C:6\forzahorizon5.exe] => (Allow) C:6\forzahorizon5.exe => No File
FirewallRules: [{516879A0-E2B1-4DA3-A5EE-22056168DA82}] => (Allow) C:\Users\hvojn\AppData\Local\Programs\Opera\83.0.4254.27\opera.exe => No File
FirewallRules: [TCP Query User{4D943C63-CCC8-47D6-B49E-558B145E7EFA}C:15\forzahorizon5.exe] => (Allow) C:15\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{4930AAD3-B642-4BD9-ACD3-F381716D9952}C:15\forzahorizon5.exe] => (Allow) C:15\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{652D2CD6-00CE-4C6A-B419-0C73249201C3}C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{A6DE2245-0DDF-466D-AC53-846638DE779C}C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\hvojn\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [TCP Query User{BC82519E-3424-40C0-95DB-C977C9899FEA}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{CD6FE455-6164-42DD-A191-59B313BF33F4}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{F96182C7-1748-41A9-A8FC-84A206623D9B}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{60379D53-28B7-4E2C-8C94-ADC1135CDF4D}C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{E6CE4699-184B-42FE-A921-6608AC2E14C9}C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe] => (Block) C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{F00C1FD7-F99E-40A8-826F-1096A46A52AD}C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe] => (Block) C:\users\hvojn\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{43E514E7-1353-469C-AD7C-29EEC627A09F}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Block) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe => No File
FirewallRules: [UDP Query User{E2662099-E31B-4B61-A4BD-3CC749011FA7}C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe] => (Block) C:\users\hvojn\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2612_gtaprocess.exe => No File
FirewallRules: [{18505620-0A70-4D56-B8A5-88472B7413AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{66C563F1-F9B9-429E-B0F8-E8EDEFCDB398}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DEE34AC7-DB79-4AF3-84D5-FC243C2CDE21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{03EC7DB4-7119-4513-BFA3-5FB8B76AA946}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{E550BD4D-75DB-4D03-89CC-0473F119681C}C:8\forzahorizon5.exe] => (Block) C:8\forzahorizon5.exe => No File
FirewallRules: [{7430C20A-D0DD-4B82-912C-B1DBAC86F1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{980CC067-5C57-4369-B582-65DCDE7DFBDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EFBBE676-7D37-4605-8C19-E46F0CDFBC8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{264E3ECD-4DEA-4D2D-B64F-075C64A321F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End
Save it to D:\stahované soubory Šimon as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 13:24
by truddy
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-03-2023
Ran by hvojn (24-03-2023 13:18:53) Run:1
Running from D:\stahované soubory Šimon
Loaded Profiles: hvojn
Boot Mode: Normal
==============================================

fixlist content:
*****************
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce => Access Denied
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce => Access Denied
HKLM\SOFTWARE\Policies\Mozilla => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A082987-5A93-4AFD-8F32-3B0C875D9D65} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A082987-5A93-4AFD-8F32-3B0C875D9D65} => could not remove. Access Denied.
Could not move "C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1643828851" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1643828851 => could not remove. Access Denied.
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\Software\Classes\*\ShellEx\ContextMenuHandlers\ExpressZip => removed successfully
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\SOFTWARE\Classes\CLSID\{8EEA165E-0B8B-4BA7-9796-50214C767171} => removed successfully
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ExpressZip => removed successfully
C:\ProgramData => ":err" ADS could not remove.
C:\Users\All Users => ":err" ADS could not remove.
C:\ProgramData\Data aplikací => ":err" ADS could not remove.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS could not remove.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk => ":8BD81608B2" ADS could not remove.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS could not remove.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS could not remove.
C:\Users\hvojn\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\hvojn\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules => Access Denied

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13862389 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1309836582 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 2261221 B
Firefox => 0 B
Opera => 5208376 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
hvojn => 11182173 B
yddur => 11182173 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-03-2023 13:24:01)

C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1643828851 => Could not move

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Mozilla => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A082987-5A93-4AFD-8F32-3B0C875D9D65} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A082987-5A93-4AFD-8F32-3B0C875D9D65} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1643828851 => could not remove. Access Denied.

==== End of Fixlog 13:24:01 ====

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 15:17
by Rudy
Deleted; the log should be OK now.

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 18:57
by truddy
Thank you. I would like to ask one more thing. My son claims that if he opens Task Manager and the processes show 100% right after it opens and then immediately drop to a minimum, say 5-10%, the PC is infected. Can you really tell from this, or is it fake :-) ?

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 20:11
by Rudy
I don't expect so. Try running this utility as well:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 20:54
by truddy
👍

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 21:02
by Rudy
??

Re: Preventive check with RSIT and FRST64

Posted: 24 Mar 2023 21:31
by truddy
For now just 👍, because I won't get to the PC until the morning, and I'll do it right away. Thanks for now.

Re: Preventive check with RSIT and FRST64

Posted: 25 Mar 2023 09:47
by truddy
The repair did not go through; it only went into quarantine.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2728)
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Not Deleted Amazon Assistant for Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1478 octets] - [25/03/2023 09:39:14]
AdwCleaner[C00].txt - [1648 octets] - [25/03/2023 09:41:50]
AdwCleaner[S01].txt - [1600 octets] - [25/03/2023 09:43:06]
AdwCleaner[S02].txt - [1661 octets] - [25/03/2023 09:45:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Preventive check with RSIT and FRST64

Posted: 25 Mar 2023 16:46
by Rudy
Post new FRST + Addition logs.