Log check after (hopefully) removing malware

#1 Post by lordboos »

Hello, unfortunately I was hit by malware, which I hope I have removed. Please check the logs.
Attachments
logy.zip
(63.33 KiB) Downloaded 20 times

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start¨

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\MountPoints2: {12d4841c-b355-11ed-9a7f-841b7707628b} - "E:\Lenovo_Suite.exe"
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {B3083FF1-231F-4D18-A9AC-D27EF1BAD3CA} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {4D821366-E8DF-432E-9625-3B12735987EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{478EB379-02C9-4834-AA25-2D4617AE3105} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
C:\DumpStack.log.tmp
C:\Users\lordb\AppData\Roaming\ffd01bc9-6dc0-4a1b-8a66-c40cdb137b21.tmp
C:\Users\lordb\AppData\Local\2476191251
C:\Users\lordb\AppData\Local\9154164905
C:\Users\lordb\AppData\Local\9618647855
CustomCLSID: HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\lordb\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.cmd: => <==== ATTENTION
FirewallRules: [UDP Query User{578ECD2F-3882-4558-B418-35366DE2ECE9}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F20B9A4A-7C5C-4ED6-9192-9601A7858DAB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [{5322BF47-CBF8-4E53-B519-F4E53D58CCE4}] => (Allow) D:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{C6A24B56-F034-4F27-B156-16ED328F2DFC}] => (Allow) D:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [UDP Query User{53F5ABFD-1D7F-41A4-984B-4BAA0CA47541}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe => No File
FirewallRules: [TCP Query User{EF752D8E-E4A1-4EE9-8582-4A847E42616D}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe => No File
FirewallRules: [TCP Query User{D943F891-D9E1-4FEF-A843-2FDD0D0FECEE}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe => No File
FirewallRules: [UDP Query User{8027465F-95B0-407C-976C-D10D0B542713}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe => No File
FirewallRules: [TCP Query User{0739C889-888B-410B-A0E8-809206879A23}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe => No File
FirewallRules: [UDP Query User{4B53C6C7-595C-47AB-B234-17ECE0172A8A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe => No File
FirewallRules: [TCP Query User{02888E26-625F-4E1C-99E5-A7382852B273}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe => No File
FirewallRules: [UDP Query User{C814E613-34C3-4042-AD45-CB5F227DACA5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe => No File
FirewallRules: [UDP Query User{47CF52E7-B40E-4344-9B8B-515F4F791AFA}D:\games\xbox\high on life\content\oregon\binaries\wingdk\oregon-wingdk-shipping.exe] => (Allow) D:\games\xbox\high on life\content\oregon\binaries\wingdk\oregon-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{1ABDC8E1-3C76-44D1-9CCF-44FF7AA90018}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E6E2D12D-B2A4-4260-A49B-7352A8155BC6}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe => No File
FirewallRules: [TCP Query User{9EBFC167-5C30-4A7B-B7B3-0F7BA260683F}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe => No File
FirewallRules: [UDP Query User{0E966533-22AF-4189-9671-9C3E7ED535A8}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe => No File
FirewallRules: [{399BF436-BD1A-4AFF-A6A5-AF4303D057F5}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe => No File
FirewallRules: [{29127FE8-CF05-456C-BE89-FADB5CB82F5B}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe => No File
FirewallRules: [TCP Query User{BFA2B806-0475-4948-B961-6424CDF3EF1E}D:\aplikace\bambustudio-softfever\bambu-studio.exe] => (Allow) D:\aplikace\bambustudio-softfever\bambu-studio.exe => No File
FirewallRules: [UDP Query User{0BA300D7-1170-4F4E-B5F0-7A91F730A64E}D:\aplikace\bambustudio-softfever\bambu-studio.exe] => (Allow) D:\aplikace\bambustudio-softfever\bambu-studio.exe => No File
FirewallRules: [{C99267E9-C992-40C1-824D-2C6E504771B1}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{E64DDAA1-8646-41C1-BC5C-11A173A1341F}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{0AE97012-0BA8-44AE-8184-C1D099D2E3DB}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{A97F5D1D-A231-46E4-824D-657555EE9E32}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{6DDDC6C9-4EB4-44BF-86F3-6FC9F7E16CC0}] => (Allow) D:\Games\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => No File
FirewallRules: [{74937F8D-BD2D-4A2A-A746-3FC1F193AA7D}] => (Allow) D:\Games\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => No File
FirewallRules: [TCP Query User{4FDB9E67-43F7-496E-9B0B-0458705972DC}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe => No File
FirewallRules: [UDP Query User{907068CB-47F3-455F-8EF6-A036AA18845C}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe => No File
FirewallRules: [TCP Query User{92404D55-A718-4D8B-9FB8-2E64117DE5CE}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe => No File
FirewallRules: [UDP Query User{8EE8865F-CF5E-45D7-A7EC-64C5AF48ACE4}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe => No File
FirewallRules: [TCP Query User{7946ADC2-48A8-4AB5-AC23-2E6C93110BCD}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe => No File
FirewallRules: [UDP Query User{FDCEAA6E-8102-4664-B135-04B2A49F887E}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe => No File
FirewallRules: [TCP Query User{5AC0DFA4-349F-4A2E-9A0A-E4B9224881F4}D:\games\other\diablo iv - beta\diablo iv.exe] => (Allow) D:\games\other\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [UDP Query User{B72C5B56-DA0E-4C05-9CB5-8CD543E9DAD2}D:\games\other\diablo iv - beta\diablo iv.exe] => (Allow) D:\games\other\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [TCP Query User{CE5E7416-BFB5-48D4-882D-4EAD6E75F798}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [UDP Query User{9F1DFE99-4570-4931-9A23-F4BA180F8EFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [TCP Query User{2F7B8EA2-4D2C-4FDA-AFBC-1291BF117809}D:\aplikace\orcaslicer\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer\orca-slicer.exe => No File
FirewallRules: [UDP Query User{42EC0560-908C-4A17-8AAD-22739F4AB042}D:\aplikace\orcaslicer\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer\orca-slicer.exe => No File
FirewallRules: [TCP Query User{3EA814DE-D13F-44DB-A927-871AE48A37F4}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe] => (Allow) C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{03A77843-0A08-408B-8877-EFF35EB74E39}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe] => (Allow) C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{9AFDE247-2CA7-44AB-9C8E-41F428504318}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe] => (Allow) D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe => No File
FirewallRules: [UDP Query User{F4F0160C-3CFA-4A20-93E8-1F875AFAFCA1}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe] => (Allow) D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe => No File
FirewallRules: [TCP Query User{ED490338-9416-47BB-B9C0-9893D0D5E650}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{3EA3601B-23F0-4709-B1F5-9AC48A609B28}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{2561D3D4-355D-4A4C-AA9F-8AC1A228FF3A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D2549FF8-0019-4B6C-9736-0065B6899ABF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F1BCCED2-91F5-488F-9EC8-A0B1698BE9EF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D02C1148-45C7-48A4-BF10-90C28F26CA96}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe => No File
FirewallRules: [TCP Query User{74C2EA40-CA3C-44B7-ACE7-FF18FB9C13AA}D:\games\xbox\solasta\content\solasta.exe] => (Allow) D:\games\xbox\solasta\content\solasta.exe => No File
FirewallRules: [UDP Query User{C9C9DC4B-C8A4-402A-B5E0-2E8FF34D5B43}D:\games\xbox\solasta\content\solasta.exe] => (Allow) D:\games\xbox\solasta\content\solasta.exe => No File
FirewallRules: [TCP Query User{AD194796-42A9-4AA4-B085-909B8EB2BF6B}D:\games\other\diablo iv\diablo iv.exe] => (Allow) D:\games\other\diablo iv\diablo iv.exe => No File
FirewallRules: [UDP Query User{F372F33E-03A5-4771-952C-4EDD7895681D}D:\games\other\diablo iv\diablo iv.exe] => (Allow) D:\games\other\diablo iv\diablo iv.exe => No File
FirewallRules: [TCP Query User{4B10D797-00D8-417E-90F9-EEBCE81D9D55}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe] => (Allow) C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe => No File
FirewallRules: [UDP Query User{7E182060-4E6D-43C8-A9EA-19E6DC0931A2}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe] => (Allow) C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe => No File
FirewallRules: [TCP Query User{D3842EB0-3B9D-49DB-B349-1850A994B773}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{810C4144-5524-4D76-8972-552B8C0DC8B6}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{510633C8-A435-4C70-9622-DA51028BDF25}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe => No File
FirewallRules: [UDP Query User{A37994F6-835C-4D59-9354-D83FC647A7EB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F46484C5-946B-4B4A-B43A-8A973AF77282}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe => No File
FirewallRules: [UDP Query User{B08A3C54-369D-4F9C-AFAB-C4DBC141282E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe => No File
FirewallRules: [TCP Query User{639547B8-EA93-4EA2-94D8-EE0A9B2AA9A2}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe => No File
FirewallRules: [UDP Query User{60AAD151-A3F9-4AFB-AA00-E1534EE452B5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe => No File
FirewallRules: [{c24c6848-ddbc-4ebe-9ad9-0f89e5da41b3}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => No File
FirewallRules: [{78f4462c-89d1-43e9-b97b-757ea72e2a58}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe => No File
FirewallRules: [{b053b005-678c-47a2-9f35-19bf587bf422}] => (Allow) D:\Aplikace\LDPlayer\LDPlayer9\dnplayer.exe => No File
FirewallRules: [{988C44D1-97D1-4038-B4C3-4617F37B920F}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => No File
FirewallRules: [{B4791209-C012-4DC3-9EF1-11F270934CE2}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => No File
FirewallRules: [TCP Query User{8B8907CA-C42F-4918-9C90-79F8A1E38094}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E529E2E9-C274-445F-8C48-D71D5533DFFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe => No File
FirewallRules: [TCP Query User{117372C0-04D5-46D1-AB4B-DEC66ECF041B}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe => No File
FirewallRules: [UDP Query User{BF6829C7-FB6E-4F3A-95E7-ABE63DF3BB33}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe => No File
FirewallRules: [TCP Query User{DDE5DC9C-9A1C-4C30-ACC5-04EB7ED97AF3}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe => No File
FirewallRules: [UDP Query User{5274B9C0-6716-452C-888A-59A4C66E4285}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe => No File
FirewallRules: [TCP Query User{741B6DB8-FB05-4F75-B900-C9E2EE76B7FD}D:\aplikace\stable diffusion webui\system\python\python.exe] => (Allow) D:\aplikace\stable diffusion webui\system\python\python.exe => No File
FirewallRules: [UDP Query User{9B19B4B4-B533-470E-B8E4-497B197335DB}D:\aplikace\stable diffusion webui\system\python\python.exe] => (Allow) D:\aplikace\stable diffusion webui\system\python\python.exe => No File
FirewallRules: [TCP Query User{C5DAB566-8042-4BB2-A018-E752328E25CA}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe => No File
FirewallRules: [UDP Query User{BED6100D-2240-4869-9D08-816924910D5A}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe => No File
FirewallRules: [TCP Query User{69D76C89-5706-4976-98C2-85255D612B6E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe => No File
FirewallRules: [UDP Query User{1000B128-9EA9-46B6-90BD-B79BA30B4651}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe => No File
FirewallRules: [TCP Query User{56B295D4-041A-4FFF-8814-028EE745C5D3}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe => No File
FirewallRules: [UDP Query User{29E1B3CE-2D11-45AB-BCE8-18A0C5173FC2}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe => No File
FirewallRules: [TCP Query User{18DE50F8-12CD-423D-88D7-C28D614DCDB8}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe => No File
FirewallRules: [UDP Query User{6D699F09-906C-4355-AE1C-AE88F9D78666}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe => No File
FirewallRules: [TCP Query User{FA2F214D-760F-4635-ADFF-DCB2255E86EA}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe] => (Allow) D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe => No File
FirewallRules: [UDP Query User{1C380CF5-0AC7-4FD9-986E-D39D1407FC35}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe] => (Allow) D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe => No File
FirewallRules: [TCP Query User{AB266E4E-3463-424A-85CA-387E19BED059}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D7F37705-CA3C-4B62-B127-D1131A91B573}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe => No File
FirewallRules: [TCP Query User{B1A6A86E-3281-469B-B3AD-AAE35C866D15}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe => No File
FirewallRules: [UDP Query User{072E580A-1921-4D23-A4C0-9180509EBE44}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe => No File
FirewallRules: [{7DDB9D45-F5CA-4857-A77C-70830BEC6A4F}] => (Allow) D:\Games\Epic Games\AvatarFrontiersofPandora\Rogue_x64_Release.exe => No File
FirewallRules: [{742283DF-4267-48C3-8B70-C738C198DFD0}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CA58B97D-2A4C-4C4D-A835-08D3595D673D}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{578F2729-CA53-420E-9DAC-9805238782C5}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{7E0EF48C-6591-44D1-9F92-BCB69D3186E4}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File

EmptyTemp:
Hosts:
End
Save it to D:\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

#3 Post by lordboos »

Thank you, I'm attaching fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by lordb (20-01-2024 13:44:17) Run:1
Running from D:\Downloads
Loaded Profiles: lordb
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start¨

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\...\MountPoints2: {12d4841c-b355-11ed-9a7f-841b7707628b} - "E:\Lenovo_Suite.exe"
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {B3083FF1-231F-4D18-A9AC-D27EF1BAD3CA} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {4D821366-E8DF-432E-9625-3B12735987EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{478EB379-02C9-4834-AA25-2D4617AE3105} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
C:\DumpStack.log.tmp
C:\Users\lordb\AppData\Roaming\ffd01bc9-6dc0-4a1b-8a66-c40cdb137b21.tmp
C:\Users\lordb\AppData\Local\2476191251
C:\Users\lordb\AppData\Local\9154164905
C:\Users\lordb\AppData\Local\9618647855
CustomCLSID: HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\lordb\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.cmd: => <==== ATTENTION
FirewallRules: [UDP Query User{578ECD2F-3882-4558-B418-35366DE2ECE9}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F20B9A4A-7C5C-4ED6-9192-9601A7858DAB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [{5322BF47-CBF8-4E53-B519-F4E53D58CCE4}] => (Allow) D:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{C6A24B56-F034-4F27-B156-16ED328F2DFC}] => (Allow) D:\Games\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [UDP Query User{53F5ABFD-1D7F-41A4-984B-4BAA0CA47541}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe => No File
FirewallRules: [TCP Query User{EF752D8E-E4A1-4EE9-8582-4A847E42616D}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe => No File
FirewallRules: [TCP Query User{D943F891-D9E1-4FEF-A843-2FDD0D0FECEE}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe => No File
FirewallRules: [UDP Query User{8027465F-95B0-407C-976C-D10D0B542713}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe => No File
FirewallRules: [TCP Query User{0739C889-888B-410B-A0E8-809206879A23}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe => No File
FirewallRules: [UDP Query User{4B53C6C7-595C-47AB-B234-17ECE0172A8A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe => No File
FirewallRules: [TCP Query User{02888E26-625F-4E1C-99E5-A7382852B273}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe => No File
FirewallRules: [UDP Query User{C814E613-34C3-4042-AD45-CB5F227DACA5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe => No File
FirewallRules: [UDP Query User{47CF52E7-B40E-4344-9B8B-515F4F791AFA}D:\games\xbox\high on life\content\oregon\binaries\wingdk\oregon-wingdk-shipping.exe] => (Allow) D:\games\xbox\high on life\content\oregon\binaries\wingdk\oregon-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{1ABDC8E1-3C76-44D1-9CCF-44FF7AA90018}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E6E2D12D-B2A4-4260-A49B-7352A8155BC6}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe => No File
FirewallRules: [TCP Query User{9EBFC167-5C30-4A7B-B7B3-0F7BA260683F}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe => No File
FirewallRules: [UDP Query User{0E966533-22AF-4189-9671-9C3E7ED535A8}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe => No File
FirewallRules: [{399BF436-BD1A-4AFF-A6A5-AF4303D057F5}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe => No File
FirewallRules: [{29127FE8-CF05-456C-BE89-FADB5CB82F5B}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe => No File
FirewallRules: [TCP Query User{BFA2B806-0475-4948-B961-6424CDF3EF1E}D:\aplikace\bambustudio-softfever\bambu-studio.exe] => (Allow) D:\aplikace\bambustudio-softfever\bambu-studio.exe => No File
FirewallRules: [UDP Query User{0BA300D7-1170-4F4E-B5F0-7A91F730A64E}D:\aplikace\bambustudio-softfever\bambu-studio.exe] => (Allow) D:\aplikace\bambustudio-softfever\bambu-studio.exe => No File
FirewallRules: [{C99267E9-C992-40C1-824D-2C6E504771B1}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{E64DDAA1-8646-41C1-BC5C-11A173A1341F}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe => No File
FirewallRules: [{0AE97012-0BA8-44AE-8184-C1D099D2E3DB}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{A97F5D1D-A231-46E4-824D-657555EE9E32}] => (Allow) D:\Games\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{6DDDC6C9-4EB4-44BF-86F3-6FC9F7E16CC0}] => (Allow) D:\Games\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => No File
FirewallRules: [{74937F8D-BD2D-4A2A-A746-3FC1F193AA7D}] => (Allow) D:\Games\Steam\steamapps\common\Deep Rock Galactic\Legacy\FSD.exe => No File
FirewallRules: [TCP Query User{4FDB9E67-43F7-496E-9B0B-0458705972DC}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe => No File
FirewallRules: [UDP Query User{907068CB-47F3-455F-8EF6-A036AA18845C}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe => No File
FirewallRules: [TCP Query User{92404D55-A718-4D8B-9FB8-2E64117DE5CE}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe => No File
FirewallRules: [UDP Query User{8EE8865F-CF5E-45D7-A7EC-64C5AF48ACE4}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe => No File
FirewallRules: [TCP Query User{7946ADC2-48A8-4AB5-AC23-2E6C93110BCD}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe => No File
FirewallRules: [UDP Query User{FDCEAA6E-8102-4664-B135-04B2A49F887E}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe => No File
FirewallRules: [TCP Query User{5AC0DFA4-349F-4A2E-9A0A-E4B9224881F4}D:\games\other\diablo iv - beta\diablo iv.exe] => (Allow) D:\games\other\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [UDP Query User{B72C5B56-DA0E-4C05-9CB5-8CD543E9DAD2}D:\games\other\diablo iv - beta\diablo iv.exe] => (Allow) D:\games\other\diablo iv - beta\diablo iv.exe => No File
FirewallRules: [TCP Query User{CE5E7416-BFB5-48D4-882D-4EAD6E75F798}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [UDP Query User{9F1DFE99-4570-4931-9A23-F4BA180F8EFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [TCP Query User{2F7B8EA2-4D2C-4FDA-AFBC-1291BF117809}D:\aplikace\orcaslicer\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer\orca-slicer.exe => No File
FirewallRules: [UDP Query User{42EC0560-908C-4A17-8AAD-22739F4AB042}D:\aplikace\orcaslicer\orca-slicer.exe] => (Allow) D:\aplikace\orcaslicer\orca-slicer.exe => No File
FirewallRules: [TCP Query User{3EA814DE-D13F-44DB-A927-871AE48A37F4}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe] => (Allow) C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{03A77843-0A08-408B-8877-EFF35EB74E39}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe] => (Allow) C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{9AFDE247-2CA7-44AB-9C8E-41F428504318}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe] => (Allow) D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe => No File
FirewallRules: [UDP Query User{F4F0160C-3CFA-4A20-93E8-1F875AFAFCA1}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe] => (Allow) D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe => No File
FirewallRules: [TCP Query User{ED490338-9416-47BB-B9C0-9893D0D5E650}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{3EA3601B-23F0-4709-B1F5-9AC48A609B28}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{2561D3D4-355D-4A4C-AA9F-8AC1A228FF3A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D2549FF8-0019-4B6C-9736-0065B6899ABF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F1BCCED2-91F5-488F-9EC8-A0B1698BE9EF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D02C1148-45C7-48A4-BF10-90C28F26CA96}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe => No File
FirewallRules: [TCP Query User{74C2EA40-CA3C-44B7-ACE7-FF18FB9C13AA}D:\games\xbox\solasta\content\solasta.exe] => (Allow) D:\games\xbox\solasta\content\solasta.exe => No File
FirewallRules: [UDP Query User{C9C9DC4B-C8A4-402A-B5E0-2E8FF34D5B43}D:\games\xbox\solasta\content\solasta.exe] => (Allow) D:\games\xbox\solasta\content\solasta.exe => No File
FirewallRules: [TCP Query User{AD194796-42A9-4AA4-B085-909B8EB2BF6B}D:\games\other\diablo iv\diablo iv.exe] => (Allow) D:\games\other\diablo iv\diablo iv.exe => No File
FirewallRules: [UDP Query User{F372F33E-03A5-4771-952C-4EDD7895681D}D:\games\other\diablo iv\diablo iv.exe] => (Allow) D:\games\other\diablo iv\diablo iv.exe => No File
FirewallRules: [TCP Query User{4B10D797-00D8-417E-90F9-EEBCE81D9D55}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe] => (Allow) C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe => No File
FirewallRules: [UDP Query User{7E182060-4E6D-43C8-A9EA-19E6DC0931A2}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe] => (Allow) C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe => No File
FirewallRules: [TCP Query User{D3842EB0-3B9D-49DB-B349-1850A994B773}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{810C4144-5524-4D76-8972-552B8C0DC8B6}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{510633C8-A435-4C70-9622-DA51028BDF25}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe => No File
FirewallRules: [UDP Query User{A37994F6-835C-4D59-9354-D83FC647A7EB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe => No File
FirewallRules: [TCP Query User{F46484C5-946B-4B4A-B43A-8A973AF77282}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe => No File
FirewallRules: [UDP Query User{B08A3C54-369D-4F9C-AFAB-C4DBC141282E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe => No File
FirewallRules: [TCP Query User{639547B8-EA93-4EA2-94D8-EE0A9B2AA9A2}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe => No File
FirewallRules: [UDP Query User{60AAD151-A3F9-4AFB-AA00-E1534EE452B5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe => No File
irewallRules: [{c24c6848-ddbc-4ebe-9ad9-0f89e5da41b3}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => No File
FirewallRules: [{78f4462c-89d1-43e9-b97b-757ea72e2a58}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe => No File
FirewallRules: [{b053b005-678c-47a2-9f35-19bf587bf422}] => (Allow) D:\Aplikace\LDPlayer\LDPlayer9\dnplayer.exe => No File
FirewallRules: [{988C44D1-97D1-4038-B4C3-4617F37B920F}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => No File
FirewallRules: [{B4791209-C012-4DC3-9EF1-11F270934CE2}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe => No File
FirewallRules: [TCP Query User{8B8907CA-C42F-4918-9C90-79F8A1E38094}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E529E2E9-C274-445F-8C48-D71D5533DFFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe => No File
FirewallRules: [TCP Query User{117372C0-04D5-46D1-AB4B-DEC66ECF041B}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe => No File
FirewallRules: [UDP Query User{BF6829C7-FB6E-4F3A-95E7-ABE63DF3BB33}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe => No File
FirewallRules: [TCP Query User{DDE5DC9C-9A1C-4C30-ACC5-04EB7ED97AF3}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe => No File
FirewallRules: [UDP Query User{5274B9C0-6716-452C-888A-59A4C66E4285}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe => No File
FirewallRules: [TCP Query User{741B6DB8-FB05-4F75-B900-C9E2EE76B7FD}D:\aplikace\stable diffusion webui\system\python\python.exe] => (Allow) D:\aplikace\stable diffusion webui\system\python\python.exe => No File
FirewallRules: [UDP Query User{9B19B4B4-B533-470E-B8E4-497B197335DB}D:\aplikace\stable diffusion webui\system\python\python.exe] => (Allow) D:\aplikace\stable diffusion webui\system\python\python.exe => No File
FirewallRules: [TCP Query User{C5DAB566-8042-4BB2-A018-E752328E25CA}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe => No File
FirewallRules: [UDP Query User{BED6100D-2240-4869-9D08-816924910D5A}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe => No File
FirewallRules: [TCP Query User{69D76C89-5706-4976-98C2-85255D612B6E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe => No File
FirewallRules: [UDP Query User{1000B128-9EA9-46B6-90BD-B79BA30B4651}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe => No File
FirewallRules: [TCP Query User{56B295D4-041A-4FFF-8814-028EE745C5D3}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe => No File
FirewallRules: [UDP Query User{29E1B3CE-2D11-45AB-BCE8-18A0C5173FC2}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe => No File
FirewallRules: [TCP Query User{18DE50F8-12CD-423D-88D7-C28D614DCDB8}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe => No File
FirewallRules: [UDP Query User{6D699F09-906C-4355-AE1C-AE88F9D78666}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe => No File
FirewallRules: [TCP Query User{FA2F214D-760F-4635-ADFF-DCB2255E86EA}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe] => (Allow) D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe => No File
FirewallRules: [UDP Query User{1C380CF5-0AC7-4FD9-986E-D39D1407FC35}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe] => (Allow) D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe => No File
FirewallRules: [TCP Query User{AB266E4E-3463-424A-85CA-387E19BED059}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe => No File
FirewallRules: [UDP Query User{D7F37705-CA3C-4B62-B127-D1131A91B573}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe] => (Allow) C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe => No File
FirewallRules: [TCP Query User{B1A6A86E-3281-469B-B3AD-AAE35C866D15}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe => No File
FirewallRules: [UDP Query User{072E580A-1921-4D23-A4C0-9180509EBE44}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe] => (Allow) C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe => No File
FirewallRules: [{7DDB9D45-F5CA-4857-A77C-70830BEC6A4F}] => (Allow) D:\Games\Epic Games\AvatarFrontiersofPandora\Rogue_x64_Release.exe => No File
FirewallRules: [{742283DF-4267-48C3-8B70-C738C198DFD0}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CA58B97D-2A4C-4C4D-A835-08D3595D673D}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{578F2729-CA53-420E-9DAC-9805238782C5}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{7E0EF48C-6591-44D1-9F92-BCB69D3186E4}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => No File

EmptyTemp:
Hosts:
End
*****************

Start¨ => Error: No automatic fix found for this entry.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
"HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPSDNMON" => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12d4841c-b355-11ed-9a7f-841b7707628b} => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3083FF1-231F-4D18-A9AC-D27EF1BAD3CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3083FF1-231F-4D18-A9AC-D27EF1BAD3CA}" => removed successfully
C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D821366-E8DF-432E-9625-3B12735987EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D821366-E8DF-432E-9625-3B12735987EC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{478EB379-02C9-4834-AA25-2D4617AE3105} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{478EB379-02C9-4834-AA25-2D4617AE3105}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz154 => removed successfully
cpuz154 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\lordb\AppData\Roaming\ffd01bc9-6dc0-4a1b-8a66-c40cdb137b21.tmp => moved successfully
C:\Users\lordb\AppData\Local\2476191251 => moved successfully
C:\Users\lordb\AppData\Local\9154164905 => moved successfully
C:\Users\lordb\AppData\Local\9618647855 => moved successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED} => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\regfile => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.reg => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-2223442711-2485559967-1825819073-1001\Software\Classes\.cmd => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{578ECD2F-3882-4558-B418-35366DE2ECE9}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F20B9A4A-7C5C-4ED6-9192-9601A7858DAB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4167.29\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5322BF47-CBF8-4E53-B519-F4E53D58CCE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6A24B56-F034-4F27-B156-16ED328F2DFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{53F5ABFD-1D7F-41A4-984B-4BAA0CA47541}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EF752D8E-E4A1-4EE9-8582-4A847E42616D}D:\games\other\the elder scrolls v skyrim anniversary edition\data\skyrimtogetherreborn\skyrimtogetherserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D943F891-D9E1-4FEF-A843-2FDD0D0FECEE}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8027465F-95B0-407C-976C-D10D0B542713}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0739C889-888B-410B-A0E8-809206879A23}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4B53C6C7-595C-47AB-B234-17ECE0172A8A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\222.4459.24\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{02888E26-625F-4E1C-99E5-A7382852B273}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C814E613-34C3-4042-AD45-CB5F227DACA5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.7571.182\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47CF52E7-B40E-4344-9B8B-515F4F791AFA}D:\games\xbox\high on life\content\oregon\binaries\wingdk\oregon-wingdk-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1ABDC8E1-3C76-44D1-9CCF-44FF7AA90018}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6E2D12D-B2A4-4260-A49B-7352A8155BC6}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8214.52\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EBFC167-5C30-4A7B-B7B3-0F7BA260683F}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0E966533-22AF-4189-9671-9C3E7ED535A8}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8617.56\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{399BF436-BD1A-4AFF-A6A5-AF4303D057F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29127FE8-CF05-456C-BE89-FADB5CB82F5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BFA2B806-0475-4948-B961-6424CDF3EF1E}D:\aplikace\bambustudio-softfever\bambu-studio.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BA300D7-1170-4F4E-B5F0-7A91F730A64E}D:\aplikace\bambustudio-softfever\bambu-studio.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C99267E9-C992-40C1-824D-2C6E504771B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E64DDAA1-8646-41C1-BC5C-11A173A1341F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AE97012-0BA8-44AE-8184-C1D099D2E3DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A97F5D1D-A231-46E4-824D-657555EE9E32}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DDDC6C9-4EB4-44BF-86F3-6FC9F7E16CC0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74937F8D-BD2D-4A2A-A746-3FC1F193AA7D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FDB9E67-43F7-496E-9B0B-0458705972DC}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{907068CB-47F3-455F-8EF6-A036AA18845C}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.35\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{92404D55-A718-4D8B-9FB8-2E64117DE5CE}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8EE8865F-CF5E-45D7-A7EC-64C5AF48ACE4}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\223.8836.41\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7946ADC2-48A8-4AB5-AC23-2E6C93110BCD}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FDCEAA6E-8102-4664-B135-04B2A49F887E}D:\aplikace\orcaslicer_v1.5.0_win64\orca-slicer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AC0DFA4-349F-4A2E-9A0A-E4B9224881F4}D:\games\other\diablo iv - beta\diablo iv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B72C5B56-DA0E-4C05-9CB5-8CD543E9DAD2}D:\games\other\diablo iv - beta\diablo iv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CE5E7416-BFB5-48D4-882D-4EAD6E75F798}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F1DFE99-4570-4931-9A23-F4BA180F8EFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8109.175\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F7B8EA2-4D2C-4FDA-AFBC-1291BF117809}D:\aplikace\orcaslicer\orca-slicer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{42EC0560-908C-4A17-8AAD-22739F4AB042}D:\aplikace\orcaslicer\orca-slicer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3EA814DE-D13F-44DB-A927-871AE48A37F4}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{03A77843-0A08-408B-8877-EFF35EB74E39}C:\xboxgames\everspace™ 2\content\es2\binaries\wingdk\es2-wingdk-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AFDE247-2CA7-44AB-9C8E-41F428504318}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F4F0160C-3CFA-4A20-93E8-1F875AFAFCA1}D:\games\xbox\minecraft legends - windows\content\minecraftlegends.windows.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED490338-9416-47BB-B9C0-9893D0D5E650}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3EA3601B-23F0-4709-B1F5-9AC48A609B28}D:\games\xbox\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2561D3D4-355D-4A4C-AA9F-8AC1A228FF3A}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D2549FF8-0019-4B6C-9736-0065B6899ABF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.8770.65\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F1BCCED2-91F5-488F-9EC8-A0B1698BE9EF}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D02C1148-45C7-48A4-BF10-90C28F26CA96}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9011.34\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{74C2EA40-CA3C-44B7-ACE7-FF18FB9C13AA}D:\games\xbox\solasta\content\solasta.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C9C9DC4B-C8A4-402A-B5E0-2E8FF34D5B43}D:\games\xbox\solasta\content\solasta.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AD194796-42A9-4AA4-B085-909B8EB2BF6B}D:\games\other\diablo iv\diablo iv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F372F33E-03A5-4771-952C-4EDD7895681D}D:\games\other\diablo iv\diablo iv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B10D797-00D8-417E-90F9-EEBCE81D9D55}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E182060-4E6D-43C8-A9EA-19E6DC0931A2}C:\users\lordb\appdata\local\vortxengine\app-2.2.31\signal-x64\signalrgb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D3842EB0-3B9D-49DB-B349-1850A994B773}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{810C4144-5524-4D76-8972-552B8C0DC8B6}D:\games\steam\steamapps\common\remnant\remnant\binaries\win64\remnant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{510633C8-A435-4C70-9622-DA51028BDF25}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A37994F6-835C-4D59-9354-D83FC647A7EB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9161.38\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F46484C5-946B-4B4A-B43A-8A973AF77282}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B08A3C54-369D-4F9C-AFAB-C4DBC141282E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\231.9225.16\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{639547B8-EA93-4EA2-94D8-EE0A9B2AA9A2}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{60AAD151-A3F9-4AFB-AA00-E1534EE452B5}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.8660.185\bin\idea64.exe" => removed successfully
irewallRules: [{c24c6848-ddbc-4ebe-9ad9-0f89e5da41b3}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78f4462c-89d1-43e9-b97b-757ea72e2a58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{b053b005-678c-47a2-9f35-19bf587bf422}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{988C44D1-97D1-4038-B4C3-4617F37B920F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4791209-C012-4DC3-9EF1-11F270934CE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B8907CA-C42F-4918-9C90-79F8A1E38094}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E529E2E9-C274-445F-8C48-D71D5533DFFB}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9559.62\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{117372C0-04D5-46D1-AB4B-DEC66ECF041B}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF6829C7-FB6E-4F3A-95E7-ABE63DF3BB33}C:\users\lordb\appdata\local\postman\app-10.17.4\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DDE5DC9C-9A1C-4C30-ACC5-04EB7ED97AF3}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5274B9C0-6716-452C-888A-59A4C66E4285}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.9921.47\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{741B6DB8-FB05-4F75-B900-C9E2EE76B7FD}D:\aplikace\stable diffusion webui\system\python\python.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B19B4B4-B533-470E-B8E4-497B197335DB}D:\aplikace\stable diffusion webui\system\python\python.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C5DAB566-8042-4BB2-A018-E752328E25CA}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BED6100D-2240-4869-9D08-816924910D5A}C:\users\lordb\appdata\local\postman\app-10.18.6\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{69D76C89-5706-4976-98C2-85255D612B6E}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1000B128-9EA9-46B6-90BD-B79BA30B4651}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10072.27\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{56B295D4-041A-4FFF-8814-028EE745C5D3}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29E1B3CE-2D11-45AB-BCE8-18A0C5173FC2}C:\users\lordb\appdata\local\postman\app-10.18.10\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{18DE50F8-12CD-423D-88D7-C28D614DCDB8}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D699F09-906C-4355-AE1C-AE88F9D78666}C:\users\lordb\appdata\local\postman\app-10.19.0\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FA2F214D-760F-4635-ADFF-DCB2255E86EA}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1C380CF5-0AC7-4FD9-986E-D39D1407FC35}D:\games\xbox\serious sam- siberian mayhem\content\samsm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB266E4E-3463-424A-85CA-387E19BED059}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D7F37705-CA3C-4B62-B127-D1131A91B573}C:\users\lordb\appdata\local\jetbrains\toolbox\apps\idea-u\ch-0\232.10203.10\bin\idea64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1A6A86E-3281-469B-B3AD-AAE35C866D15}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{072E580A-1921-4D23-A4C0-9180509EBE44}C:\users\lordb\appdata\local\postman\app-10.19.7\postman.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DDB9D45-F5CA-4857-A77C-70830BEC6A4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{742283DF-4267-48C3-8B70-C738C198DFD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA58B97D-2A4C-4C4D-A835-08D3595D673D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{578F2729-CA53-420E-9DAC-9805238782C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E0EF48C-6591-44D1-9F92-BCB69D3186E4}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 147753903 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 494692987 B
Windows/system/drivers => 10319452 B
Edge => 0 B
Chrome => 2139765840 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16410 B
NetworkService => 755072 B
lordb => 27622690 B
MariaDB => 27622690 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-01-2024 13:49:55)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:49:55 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check after (hopefully) removing malware

#4 Post by Rudy »

Deleted, the log should be OK now. Is everything all right?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

lordboos
Visitor
Posts: 8
Registered: 26 Dec 2008 19:05

Re: Log check after (hopefully) removing malware

#5 Post by lordboos »

So far yes, hopefully it won't come back. Thank you.
Would it please also be possible to check the logs from a second PC on the same network, in case something got onto it? It seems to be OK, but I would like to be more certain.
Attachments
logy-2.zip
(31.57 KiB) Downloaded 19 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check after (hopefully) removing malware

#6 Post by Rudy »

OK, I can. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {74F64942-4B99-42DF-96C2-9212CA876E4F} - System32\Tasks\ArkServerManager\AutoBackup_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe -ab (No File)
Task: {C4228792-0149-41BB-A56C-90F99AFD1EC2} - System32\Tasks\ArkServerManager\AutoUpdate_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe -au (No File)
Task: {77C49AF8-2048-43DF-8B87-281691728EC2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{23CA0DB1-6CCA-46F8-B399-1A395D455EB5} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
FCheck: C:\WINDOWS\SysWOW64\mfc110esn.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\WINDOWS\SysWOW64\mfc110ita.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)
FirewallRules: [TCP Query User{44B2C7F4-4EAB-4BD2-A185-07972D3698BE}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{DAA126AC-4D02-473D-94C0-67E700178C23}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{14D6C308-84FA-491D-9419-0B82312C4C55}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporat

EmptyTemp:
Hosts:
End
Save it to D:\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

lordboos
Visitor
Posts: 8
Registered: 26 Dec 2008 19:05

Re: Log check after (hopefully) removing malware

#7 Post by lordboos »

Here is the output fixlog, thanks:

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by ellie (20-01-2024 16:30:42) Run:1
Running from D:\Downloads
Loaded Profiles: ellie
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {74F64942-4B99-42DF-96C2-9212CA876E4F} - System32\Tasks\ArkServerManager\AutoBackup_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe -ab (No File)
Task: {C4228792-0149-41BB-A56C-90F99AFD1EC2} - System32\Tasks\ArkServerManager\AutoUpdate_4ad645d133a7c15835508c23774ff7f4 => D:\Hry\ArkServerManager\ARK Server Manager.exe -au (No File)
Task: {77C49AF8-2048-43DF-8B87-281691728EC2} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{23CA0DB1-6CCA-46F8-B399-1A395D455EB5} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
FCheck: C:\WINDOWS\SysWOW64\mfc110esn.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\WINDOWS\SysWOW64\mfc110ita.dll [2013-06-09] <==== ATTENTION (zero byte File/Folder)
FirewallRules: [TCP Query User{44B2C7F4-4EAB-4BD2-A185-07972D3698BE}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{DAA126AC-4D02-473D-94C0-67E700178C23}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{14D6C308-84FA-491D-9419-0B82312C4C55}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporat

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74F64942-4B99-42DF-96C2-9212CA876E4F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74F64942-4B99-42DF-96C2-9212CA876E4F}" => removed successfully
C:\WINDOWS\System32\Tasks\ArkServerManager\AutoBackup_4ad645d133a7c15835508c23774ff7f4 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ArkServerManager\AutoBackup_4ad645d133a7c15835508c23774ff7f4" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4228792-0149-41BB-A56C-90F99AFD1EC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4228792-0149-41BB-A56C-90F99AFD1EC2}" => removed successfully
C:\WINDOWS\System32\Tasks\ArkServerManager\AutoUpdate_4ad645d133a7c15835508c23774ff7f4 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ArkServerManager\AutoUpdate_4ad645d133a7c15835508c23774ff7f4" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77C49AF8-2048-43DF-8B87-281691728EC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77C49AF8-2048-43DF-8B87-281691728EC2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{23CA0DB1-6CCA-46F8-B399-1A395D455EB5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{23CA0DB1-6CCA-46F8-B399-1A395D455EB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\WINDOWS\SysWOW64\mfc110esn.dll => moved successfully
C:\WINDOWS\SysWOW64\mfc110ita.dll => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{44B2C7F4-4EAB-4BD2-A185-07972D3698BE}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DAA126AC-4D02-473D-94C0-67E700178C23}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14D6C308-84FA-491D-9419-0B82312C4C55}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 319788968 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1041267613 B
Windows/system/drivers => 20309143 B
Edge => 0 B
Chrome => 1094463430 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 610011 B
systemprofile32 => 610011 B
LocalService => 614261 B
NetworkService => 875205 B
ellie => 539985063 B

RecycleBin => 2770249163 B
EmptyTemp: => 5.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:39:41 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check after (hopefully) removing malware

#8 Post by Rudy »

Everything deleted, the log will be OK now.
