Log check :)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, could you please check my log? My computer is slow. Thank you.
Re: Log check :)
Hello.
Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
► My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
► Low-level, high-level programmer - profile card here: card <<
----
► Háveťárna - malware UPLOAD: >> upload <<
---
► If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in the SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).
On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit
Re: Log check :)
So here I am sending it; I hope it is correct.
Re: Log check :)
Yes, they are correct. May I please ask for new FRST + ADDITION logs?
Re: Log check :)
Of course.
Last edited by Maty44 on 11 Jun 2021 15:13, edited 3 times in total.
Re: Log check :)
Copy the content below into Notepad:
Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.
Code: Select all
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {032435BF-B3E7-4267-9F7C-6ACECDC3EA06} - System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {21DB8893-F20A-4F6E-934F-26D53B59937D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {0D7EA97A-0A6C-41D3-8562-F6E72A966B26} - System32\Tasks\Opera scheduled Autoupdate 1616416544 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {406EE30A-036F-4688-9648-70817AB1F571} - System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {46BEBC81-E676-4C23-9419-01F07DFB92F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493272 2021-05-18] (Overwolf Ltd -> Overwolf LTD)
Task: {68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956} - System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5C5956F5-A3F9-49B7-96C2-566D2957A906} - System32\Tasks\Opera scheduled Autoupdate 1613585797 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {8094E15C-C9B4-4370-B555-9F6CF7B1AE18} - System32\Tasks\Opera scheduled Autoupdate 1615729237 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {A5683E32-74A9-4324-BD4E-DE8F7C5DEE68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Task: {AAA4F552-E52D-44E5-B859-687F9586BE91} - System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BA3152C2-A02A-4F62-81A0-E1D96F7E683A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR Notifications: Default -> hxxps://www74.darenjarvis.pro
S3 RivaTuner64; \??\E:\RIVA\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X]
Task: {6431D597-9A49-4E75-9758-CDAECDF8F7A4} - System32\Tasks\RTSS => E:\Riva No fake\RivaTuner Statistics Server\RTSS.exe [261264 2019-09-09] (Alexey Nicolaychuk -> )
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "SIMDashboardServer"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "Spotify"
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488]
FirewallRules: [{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.139\opera.exe => No File
FirewallRules: [{E9432CBD-CCA1-4316-A835-E189022F9A14}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}] => (Allow) LPort=8317
FirewallRules: [{897020E7-EF45-4195-A974-ACB8144050AC}] => (Allow) LPort=8321
FirewallRules: [{71EA636F-2AED-44B7-BE5B-5D47D13E812E}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{61D13419-4222-4CDB-8EDE-3C40D81615A6}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [{1E0536A6-903E-462E-B3DE-48804F948D0D}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{0339CE6C-4140-4F6F-8896-90003F0D33FD}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{900C7958-866B-46F5-9467-8D641A32F8CC}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{93D06912-E1E9-446B-A111-651A59E4E529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7DD42B98-BCF9-4045-AF7D-760B25803DD4}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{682B8C99-FB32-4E53-94B2-DB612A59C679}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{323C7B84-EB18-452B-A2E4-4D51047B828E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{43E727E8-317A-432A-B6F6-F974CB57CFF1}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{3915B04A-DA81-40FB-BF8E-33EC31EC853B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{AB0AF94E-D358-443E-82EB-14A13663E747}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{584CCB32-BA2A-465D-8852-C191A1C0C301}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1EB45B36-015A-41D2-8828-FE2BD5BF9329}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCA7613A-D595-4A9C-926F-82360C570787}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1656BE3C-725D-4460-A510-AED664C6E9CB}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [{103D2127-1F60-4D32-A4EC-E486FF05ED8F}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{96822F68-15D5-4994-9480-244410EEDDD4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203_0\opera.exe => No File
FirewallRules: [TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.232\opera.exe => No File
FirewallRules: [{2608BA71-A2C0-435D-923B-6B65A46A18CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{391FEBAB-5879-4AB4-8D95-4E05344889B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{078C9388-3DE3-430D-BBB8-25CEF20E008C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6624F3B9-B539-4228-9E6A-5E0E41248F88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
EmptyTemp:
Hosts:
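Added example (not part of the original post and not FRST's own code): a small Python pre-check that groups the lines of a fixlist like the one above by entry type and by the status marker at the end of each line, so the person running Fix can see which entries point at files that are already gone and which act on files that still exist. The function names are hypothetical, and the meaning given to each marker is an assumption read off the lines shown in the post.

```python
import re
from collections import Counter

# Constructed sample: lines copied from the fixlist posted above, one per pattern.
SAMPLE_FIXLIST = r"""CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {A5683E32-74A9-4324-BD4E-DE8F7C5DEE68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
CHR Notifications: Default -> hxxps://www74.darenjarvis.pro
S3 RivaTuner64; \??\E:\RIVA\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X]
HKLM\...\StartupApproved\Run32: => "RadminVPN"
FirewallRules: [{E9432CBD-CCA1-4316-A835-E189022F9A14}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}] => (Allow) LPort=8317
FirewallRules: [{93D06912-E1E9-446B-A111-651A59E4E529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
EmptyTemp:
Hosts:
"""

BARE_DIRECTIVE = re.compile(r"^[A-Za-z]+:$")            # e.g. "CloseProcesses:"
LABELLED_ENTRY = re.compile(r"^([A-Za-z0-9 ]+?):\s")    # e.g. "Task: ", "FirewallRules: "
SERVICE_ENTRY = re.compile(r"^[SR]\d ")                 # e.g. "S3 RivaTuner64; ..."
SIGNER_SUFFIX = re.compile(r"\([^()]*? -> [^()]*\)\s*$")  # e.g. "(Google LLC -> Google LLC)"


def entry_kind(line):
    """Return the entry type of one fixlist line."""
    if BARE_DIRECTIVE.match(line):
        return "directive"
    if line.startswith(("HKLM", "HKU")):
        return "registry"
    labelled = LABELLED_ENTRY.match(line)
    if labelled:
        return labelled.group(1)
    if SERVICE_ENTRY.match(line):
        return "service/driver"  # assumption: "S3 name; path" is a service or driver entry
    return "other"


def entry_status(line):
    """Return the status marker of one line (marker meanings are assumptions)."""
    if BARE_DIRECTIVE.match(line):
        return "directive"
    if "<==== ATTENTION" in line:
        return "attention"
    # Assumption: "=> No File", "[not found]" and a trailing "[X]" all mean
    # that the file or folder the entry points at no longer exists.
    if line.endswith("=> No File") or "[not found]" in line or line.endswith("[X]"):
        return "target-missing"
    if "[File not signed]" in line:
        return "unsigned"
    if SIGNER_SUFFIX.search(line):
        return "signed"
    return "unspecified"


def parse_fixlist(text):
    """Parse fixlist text into a list of {kind, status, line} records."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if line:
            entries.append({"kind": entry_kind(line),
                            "status": entry_status(line),
                            "line": line})
    return entries


def summarize(entries):
    """Count entries per status marker."""
    return Counter(entry["status"] for entry in entries)


def targets_still_present(entries):
    """Entries whose target file exists on disk (signed or unsigned)."""
    return [e for e in entries if e["status"] in ("signed", "unsigned")]


if __name__ == "__main__":
    parsed = parse_fixlist(SAMPLE_FIXLIST)
    for status, count in sorted(summarize(parsed).items()):
        print(f"{status:15} {count}")
    print("Entries acting on files that still exist:")
    for entry in targets_still_present(parsed):
        print(f"  [{entry['kind']}] {entry['line'][:90]}")
```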
Re: Log check :)
Code: Select all
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by HP (21-06-2021 18:39:33) Run:2
Running from C:\Users\HP\Desktop\FRST
Loaded Profiles: HP & postgres
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {032435BF-B3E7-4267-9F7C-6ACECDC3EA06} - System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {21DB8893-F20A-4F6E-934F-26D53B59937D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {0D7EA97A-0A6C-41D3-8562-F6E72A966B26} - System32\Tasks\Opera scheduled Autoupdate 1616416544 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {406EE30A-036F-4688-9648-70817AB1F571} - System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {46BEBC81-E676-4C23-9419-01F07DFB92F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493272 2021-05-18] (Overwolf Ltd -> Overwolf LTD)
Task: {68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956} - System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5C5956F5-A3F9-49B7-96C2-566D2957A906} - System32\Tasks\Opera scheduled Autoupdate 1613585797 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {8094E15C-C9B4-4370-B555-9F6CF7B1AE18} - System32\Tasks\Opera scheduled Autoupdate 1615729237 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {A5683E32-74A9-4324-BD4E-DE8F7C5DEE68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Task: {AAA4F552-E52D-44E5-B859-687F9586BE91} - System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BA3152C2-A02A-4F62-81A0-E1D96F7E683A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR Notifications: Default -> hxxps://www74.darenjarvis.pro
S3 RivaTuner64; \??\E:\RIVA\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X]
Task: {6431D597-9A49-4E75-9758-CDAECDF8F7A4} - System32\Tasks\RTSS => E:\Riva No fake\RivaTuner Statistics Server\RTSS.exe [261264 2019-09-09] (Alexey Nicolaychuk -> )
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "SIMDashboardServer"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "Spotify"
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488]
FirewallRules: [{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.139\opera.exe => No File
FirewallRules: [{E9432CBD-CCA1-4316-A835-E189022F9A14}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}] => (Allow) LPort=8317
FirewallRules: [{897020E7-EF45-4195-A974-ACB8144050AC}] => (Allow) LPort=8321
FirewallRules: [{71EA636F-2AED-44B7-BE5B-5D47D13E812E}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{61D13419-4222-4CDB-8EDE-3C40D81615A6}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [{1E0536A6-903E-462E-B3DE-48804F948D0D}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{0339CE6C-4140-4F6F-8896-90003F0D33FD}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{900C7958-866B-46F5-9467-8D641A32F8CC}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{93D06912-E1E9-446B-A111-651A59E4E529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7DD42B98-BCF9-4045-AF7D-760B25803DD4}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{682B8C99-FB32-4E53-94B2-DB612A59C679}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{323C7B84-EB18-452B-A2E4-4D51047B828E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{43E727E8-317A-432A-B6F6-F974CB57CFF1}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{3915B04A-DA81-40FB-BF8E-33EC31EC853B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{AB0AF94E-D358-443E-82EB-14A13663E747}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{584CCB32-BA2A-465D-8852-C191A1C0C301}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1EB45B36-015A-41D2-8828-FE2BD5BF9329}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCA7613A-D595-4A9C-926F-82360C570787}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1656BE3C-725D-4460-A510-AED664C6E9CB}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [{103D2127-1F60-4D32-A4EC-E486FF05ED8F}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{96822F68-15D5-4994-9480-244410EEDDD4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203_0\opera.exe => No File
FirewallRules: [TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.232\opera.exe => No File
FirewallRules: [{2608BA71-A2C0-435D-923B-6B65A46A18CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{391FEBAB-5879-4AB4-8D95-4E05344889B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{078C9388-3DE3-430D-BBB8-25CEF20E008C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6624F3B9-B539-4228-9E6A-5E0E41248F88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
EmptyTemp:
Hosts:
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{032435BF-B3E7-4267-9F7C-6ACECDC3EA06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{032435BF-B3E7-4267-9F7C-6ACECDC3EA06}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1616416552" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21DB8893-F20A-4F6E-934F-26D53B59937D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21DB8893-F20A-4F6E-934F-26D53B59937D}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D7EA97A-0A6C-41D3-8562-F6E72A966B26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7EA97A-0A6C-41D3-8562-F6E72A966B26}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1616416544 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1616416544" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{406EE30A-036F-4688-9648-70817AB1F571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{406EE30A-036F-4688-9648-70817AB1F571}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1613585807" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46BEBC81-E676-4C23-9419-01F07DFB92F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46BEBC81-E676-4C23-9419-01F07DFB92F4}" => removed successfully
C:\WINDOWS\System32\Tasks\Overwolf Updater Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1615056220" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C5956F5-A3F9-49B7-96C2-566D2957A906}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5956F5-A3F9-49B7-96C2-566D2957A906}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1613585797 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1613585797" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8094E15C-C9B4-4370-B555-9F6CF7B1AE18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8094E15C-C9B4-4370-B555-9F6CF7B1AE18}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1615729237 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1615729237" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5683E32-74A9-4324-BD4E-DE8F7C5DEE68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5683E32-74A9-4324-BD4E-DE8F7C5DEE68}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAA4F552-E52D-44E5-B859-687F9586BE91}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAA4F552-E52D-44E5-B859-687F9586BE91}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1615729246" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA3152C2-A02A-4F62-81A0-E1D96F7E683A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA3152C2-A02A-4F62-81A0-E1D96F7E683A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"Chrome Notifications" => removed successfully
HKLM\System\CurrentControlSet\Services\RivaTuner64 => removed successfully
RivaTuner64 => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6431D597-9A49-4E75-9758-CDAECDF8F7A4}" => not found
C:\WINDOWS\System32\Tasks\RTSS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RTSS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Riot Vanguard" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Riot Vanguard" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\LogMeIn Hamachi Ui" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\RadminVPN" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RadminVPN" => removed successfully
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\MEGAsync.lnk" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\SIMDashboardServer" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SIMDashboardServer" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Spotify" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Spotify" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9432CBD-CCA1-4316-A835-E189022F9A14}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{897020E7-EF45-4195-A974-ACB8144050AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71EA636F-2AED-44B7-BE5B-5D47D13E812E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61D13419-4222-4CDB-8EDE-3C40D81615A6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E0536A6-903E-462E-B3DE-48804F948D0D}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0339CE6C-4140-4F6F-8896-90003F0D33FD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{900C7958-866B-46F5-9467-8D641A32F8CC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93D06912-E1E9-446B-A111-651A59E4E529}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DD42B98-BCF9-4045-AF7D-760B25803DD4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{682B8C99-FB32-4E53-94B2-DB612A59C679}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{323C7B84-EB18-452B-A2E4-4D51047B828E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43E727E8-317A-432A-B6F6-F974CB57CFF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3915B04A-DA81-40FB-BF8E-33EC31EC853B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB0AF94E-D358-443E-82EB-14A13663E747}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{584CCB32-BA2A-465D-8852-C191A1C0C301}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EB45B36-015A-41D2-8828-FE2BD5BF9329}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCA7613A-D595-4A9C-926F-82360C570787}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1656BE3C-725D-4460-A510-AED664C6E9CB}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{103D2127-1F60-4D32-A4EC-E486FF05ED8F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96822F68-15D5-4994-9480-244410EEDDD4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2608BA71-A2C0-435D-923B-6B65A46A18CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{391FEBAB-5879-4AB4-8D95-4E05344889B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{078C9388-3DE3-430D-BBB8-25CEF20E008C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6624F3B9-B539-4228-9E6A-5E0E41248F88}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34915274 B
Java, Flash, Steam htmlcache => 469045434 B
Windows/system/drivers => 0 B
Edge => 32295 B
Chrome => 465637536 B
Firefox => 0 B
Opera => 4996987 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5072 B
HP => 1460641508 B
postgres => 1460641508 B
RecycleBin => 340 B
EmptyTemp: => 3.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:41:43 ====
Re: Log check :)
May I ask for new FRST + ADDITION logs?
► My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
► Low-level, high-level programmer - profile card here: card <<
----
► Háveťárna - malware UPLOAD: >> upload <<
---
► If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.
On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the education of newcomers
- Founder of the Cyber Security unit
Re: Log check :)
Do you recognize these items?
FirewallRules: [{0D0C3C8A-CA07-4E6B-9DDC-050E3DB12B14}] => (Allow) E:\Davinvii\DPDecoder.exe () [File not signed]
FirewallRules: [{8817B291-C82D-44CB-8011-B16AB0953283}] => (Allow) E:\Davinvii\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{3CAD9FF0-26E0-45EE-A95D-59A7DBD36B2D}] => (Allow) E:\Davinvii\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{B6355857-2721-4244-BAB2-5385ACDE316E}] => (Allow) E:\Davinvii\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{DBED2285-71BF-419A-A3FC-06553F52AE80}] => (Allow) E:\Davinvii\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{26190E13-BD3E-42E7-B531-B465D2180E05}] => (Allow) E:\Davinvii\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{0190D909-CADE-4082-A003-03991725E21E}] => (Allow) E:\Davinvii\bmdpaneld.exe () [File not signed]
FirewallRules: [{4F8EC546-4888-4247-8EFA-CD109B2F047D}] => (Allow) E:\Davinvii\Resolve.exe (Blackmagic Design Pty. Ltd.) [File not signed]
Re: Log check :)
It probably belongs to the program Davinci Resolve 17.
Diallix wrote: ↑24 Jun 2021 17:59
Do you recognize these items?
FirewallRules: [{0D0C3C8A-CA07-4E6B-9DDC-050E3DB12B14}] => (Allow) E:\Davinvii\DPDecoder.exe () [File not signed]
FirewallRules: [{8817B291-C82D-44CB-8011-B16AB0953283}] => (Allow) E:\Davinvii\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{3CAD9FF0-26E0-45EE-A95D-59A7DBD36B2D}] => (Allow) E:\Davinvii\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{B6355857-2721-4244-BAB2-5385ACDE316E}] => (Allow) E:\Davinvii\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{DBED2285-71BF-419A-A3FC-06553F52AE80}] => (Allow) E:\Davinvii\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{26190E13-BD3E-42E7-B531-B465D2180E05}] => (Allow) E:\Davinvii\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{0190D909-CADE-4082-A003-03991725E21E}] => (Allow) E:\Davinvii\bmdpaneld.exe () [File not signed]
FirewallRules: [{4F8EC546-4888-4247-8EFA-CD109B2F047D}] => (Allow) E:\Davinvii\Resolve.exe (Blackmagic Design Pty. Ltd.) [File not signed]
Re: Log check :)
Copy the content below into Notepad:
Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A fix routine will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
Code:
Task: {7AB51301-DEAA-4E4E-8182-5C4E886DBDFA} - \RTSS -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
EmptyTemp: