Log check :)

Posted: 04 Jun 2021 19:00
by Maty44
Hello, I would like to ask for a log check because my computer is slow. Thank you.
Logy.rar
(40.73 KiB) Downloaded 63 times

Re: Log check :)

Posted: 05 Jun 2021 10:55
by Diallix
Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now (Prehladaj teraz) button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, along with any threats found, and continue with the Clean and Repair (Vycistit Teraz) button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.

Re: Log check :)

Posted: 05 Jun 2021 14:48
by Maty44
Logs.rar
(1.98 KiB) Downloaded 66 times
Here they are then; I hope this is correct.

Re: Log check :)

Posted: 05 Jun 2021 16:36
by Diallix
Yes, they are correct. May I please ask for new FRST + ADDITION logs?

Re: Log check :)

Posted: 05 Jun 2021 17:23
by Maty44
Of course.

Re: Log check :)

Posted: 11 Jun 2021 15:12
by Maty44
Diallix wrote: 05 Jun 2021 16:36 Yes, they are correct. May I please ask for new FRST + ADDITION logs?
I am sending them again, since the original ones somehow did not upload properly :)
Logy virycz.rar
(40.24 KiB) Downloaded 62 times

Re: Log check :)

Posted: 16 Jun 2021 18:35
by Diallix
Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {032435BF-B3E7-4267-9F7C-6ACECDC3EA06} - System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {21DB8893-F20A-4F6E-934F-26D53B59937D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {0D7EA97A-0A6C-41D3-8562-F6E72A966B26} - System32\Tasks\Opera scheduled Autoupdate 1616416544 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {406EE30A-036F-4688-9648-70817AB1F571} - System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {46BEBC81-E676-4C23-9419-01F07DFB92F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493272 2021-05-18] (Overwolf Ltd -> Overwolf LTD)
Task: {68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956} - System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5C5956F5-A3F9-49B7-96C2-566D2957A906} - System32\Tasks\Opera scheduled Autoupdate 1613585797 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {8094E15C-C9B4-4370-B555-9F6CF7B1AE18} - System32\Tasks\Opera scheduled Autoupdate 1615729237 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {A5683E32-74A9-4324-BD4E-DE8F7C5DEE68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Task: {AAA4F552-E52D-44E5-B859-687F9586BE91} - System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BA3152C2-A02A-4F62-81A0-E1D96F7E683A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR Notifications: Default -> hxxps://www74.darenjarvis.pro
S3 RivaTuner64; \??\E:\RIVA\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X]
Task: {6431D597-9A49-4E75-9758-CDAECDF8F7A4} - System32\Tasks\RTSS => E:\Riva No fake\RivaTuner Statistics Server\RTSS.exe [261264 2019-09-09] (Alexey Nicolaychuk -> )
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "SIMDashboardServer"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "Spotify"
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488]
FirewallRules: [{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.139\opera.exe => No File
FirewallRules: [{E9432CBD-CCA1-4316-A835-E189022F9A14}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}] => (Allow) LPort=8317
FirewallRules: [{897020E7-EF45-4195-A974-ACB8144050AC}] => (Allow) LPort=8321
FirewallRules: [{71EA636F-2AED-44B7-BE5B-5D47D13E812E}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{61D13419-4222-4CDB-8EDE-3C40D81615A6}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [{1E0536A6-903E-462E-B3DE-48804F948D0D}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{0339CE6C-4140-4F6F-8896-90003F0D33FD}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{900C7958-866B-46F5-9467-8D641A32F8CC}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{93D06912-E1E9-446B-A111-651A59E4E529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7DD42B98-BCF9-4045-AF7D-760B25803DD4}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{682B8C99-FB32-4E53-94B2-DB612A59C679}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{323C7B84-EB18-452B-A2E4-4D51047B828E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{43E727E8-317A-432A-B6F6-F974CB57CFF1}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{3915B04A-DA81-40FB-BF8E-33EC31EC853B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{AB0AF94E-D358-443E-82EB-14A13663E747}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{584CCB32-BA2A-465D-8852-C191A1C0C301}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1EB45B36-015A-41D2-8828-FE2BD5BF9329}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCA7613A-D595-4A9C-926F-82360C570787}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1656BE3C-725D-4460-A510-AED664C6E9CB}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [{103D2127-1F60-4D32-A4EC-E486FF05ED8F}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{96822F68-15D5-4994-9480-244410EEDDD4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203_0\opera.exe => No File
FirewallRules: [TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.232\opera.exe => No File
FirewallRules: [{2608BA71-A2C0-435D-923B-6B65A46A18CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{391FEBAB-5879-4AB4-8D95-4E05344889B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{078C9388-3DE3-430D-BBB8-25CEF20E008C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6624F3B9-B539-4228-9E6A-5E0E41248F88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

EmptyTemp:
Hosts:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer will reboot. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.
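
Added example, not part of the original post and not FRST's own code: a small Python triage that groups the lines of a fixlist like the one above by entry type and by the status markers FRST prints on them (`<==== ATTENTION`, `No File`, `[not found]`, `[X]`, `[File not signed]`), so it is visible why each line was selected before the fix is run. The sample input, the flag names and the function names are constructed for this illustration.

```python
import re
from collections import Counter

# Constructed sample in FRST fixlist syntax; every GUID, path and name is made up.
SAMPLE_FIXLIST = r"""
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\ExampleBrowser: Restriction <==== ATTENTION
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\Example Updater => C:\Program Files\Example\updater.exe [1000 2021-01-01] (Example Ltd -> Example Ltd)
S3 ExampleDrv; \??\E:\Example\driver64.sys [X]
Edge Extension: (No Name) -> Example_0001 => C:\Windows\SystemApps\Example\Assets [not found]
FirewallRules: [{00000000-0000-0000-0000-000000000002}] => (Allow) C:\Users\User\Downloads\tool.exe => No File
FirewallRules: [TCP Query User{00000000-0000-0000-0000-000000000003}C:\users\user\downloads\tool.exe] => (Allow) C:\users\user\downloads\tool.exe => No File
FirewallRules: [{00000000-0000-0000-0000-000000000004}] => (Allow) C:\Program Files (x86)\Example\app.exe (Example Corp.) [File not signed]
FirewallRules: [{00000000-0000-0000-0000-000000000005}] => (Allow) LPort=9999
FirewallRules: [{00000000-0000-0000-0000-000000000006}] => (Allow) C:\Program Files\Example\svc.exe (Example Corp -> Example Corp)
EmptyTemp:
"""

# FirewallRules: [<rule name>] => (<action>) <target and status>
FW_RE = re.compile(r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>\w+)\) (?P<target>.+)$")
# First Windows path ending in an executable extension inside the target text.
PATH_RE = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|sys)\b", re.IGNORECASE)


def classify(line):
    """Return (kind, flags) for one stripped fixlist line."""
    flags = set()
    # A bare keyword followed by a colon (CloseProcesses:, EmptyTemp:, Hosts:) is a directive.
    if re.fullmatch(r"[A-Za-z]+:", line):
        return "directive", flags
    if "<==== ATTENTION" in line:
        flags.add("attention")
    # Markers FRST appends when the referenced file or folder no longer exists.
    if line.endswith(("=> No File", "[not found]", "[X]")):
        flags.add("missing-file")
    if "[File not signed]" in line:
        flags.add("unsigned")
    fw = FW_RE.match(line)
    if fw:
        # A rule that names only a local port has no executable to verify.
        if re.fullmatch(r"LPort=\d+", fw["target"]):
            flags.add("port-only")
        return "firewall", flags
    if line.startswith("Task:"):
        return "task", flags
    if re.match(r"[RSU][0-4] ", line):      # service/driver line: state + start type
        return "service", flags
    if re.match(r"HK(LM|U)", line):
        return "registry", flags
    return "other", flags


def triage(fixlist_text):
    """Parse a fixlist into a list of dicts: kind, flags, path (firewall only), line."""
    entries = []
    for raw in fixlist_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        kind, flags = classify(line)
        path = None
        if kind == "firewall":
            found = PATH_RE.search(FW_RE.match(line)["target"])
            path = found.group(0).lower() if found else None
        entries.append({"kind": kind, "flags": flags, "path": path, "line": line})
    return entries


def summarize(entries):
    """Count entries per kind and per flag."""
    kinds = Counter(e["kind"] for e in entries)
    flags = Counter(f for e in entries for f in e["flags"])
    return kinds, flags


def stale_firewall_targets(entries):
    """Distinct executables that still have a firewall rule although the file is gone."""
    return sorted({e["path"] for e in entries
                   if e["kind"] == "firewall" and "missing-file" in e["flags"] and e["path"]})


if __name__ == "__main__":
    parsed = triage(SAMPLE_FIXLIST)
    kinds, flags = summarize(parsed)
    print("entries by kind:", dict(kinds))
    print("entries by flag:", dict(flags))
    print("stale firewall targets:", stale_firewall_targets(parsed))
```

Paths are lower-cased before de-duplication because the same executable can appear under several rule names with different casing, as the TCP/UDP "Query User" pairs in the list above show.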

Re: Log check :)

Posted: 21 Jun 2021 17:45
by Maty44

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by HP (21-06-2021 18:39:33) Run:2
Running from C:\Users\HP\Desktop\FRST
Loaded Profiles: HP & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {032435BF-B3E7-4267-9F7C-6ACECDC3EA06} - System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {21DB8893-F20A-4F6E-934F-26D53B59937D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {0D7EA97A-0A6C-41D3-8562-F6E72A966B26} - System32\Tasks\Opera scheduled Autoupdate 1616416544 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {406EE30A-036F-4688-9648-70817AB1F571} - System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {46BEBC81-E676-4C23-9419-01F07DFB92F4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493272 2021-05-18] (Overwolf Ltd -> Overwolf LTD)
Task: {68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956} - System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5C5956F5-A3F9-49B7-96C2-566D2957A906} - System32\Tasks\Opera scheduled Autoupdate 1613585797 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {8094E15C-C9B4-4370-B555-9F6CF7B1AE18} - System32\Tasks\Opera scheduled Autoupdate 1615729237 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe
Task: {A5683E32-74A9-4324-BD4E-DE8F7C5DEE68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Task: {AAA4F552-E52D-44E5-B859-687F9586BE91} - System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BA3152C2-A02A-4F62-81A0-E1D96F7E683A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-20] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR Notifications: Default -> hxxps://www74.darenjarvis.pro
S3 RivaTuner64; \??\E:\RIVA\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [X]
Task: {6431D597-9A49-4E75-9758-CDAECDF8F7A4} - System32\Tasks\RTSS => E:\Riva No fake\RivaTuner Statistics Server\RTSS.exe [261264 2019-09-09] (Alexey Nicolaychuk -> )
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "SIMDashboardServer"
HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\...\StartupApproved\Run: => "Spotify"
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488]
FirewallRules: [{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.139\opera.exe => No File
FirewallRules: [{E9432CBD-CCA1-4316-A835-E189022F9A14}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe] => (Allow) C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe => No File
FirewallRules: [{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe] => (Allow) E:\muszynaa\aria2c.exe => No File
FirewallRules: [{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}] => (Allow) LPort=8317
FirewallRules: [{897020E7-EF45-4195-A974-ACB8144050AC}] => (Allow) LPort=8321
FirewallRules: [{71EA636F-2AED-44B7-BE5B-5D47D13E812E}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{61D13419-4222-4CDB-8EDE-3C40D81615A6}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [{1E0536A6-903E-462E-B3DE-48804F948D0D}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe => No File
FirewallRules: [UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{0339CE6C-4140-4F6F-8896-90003F0D33FD}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{900C7958-866B-46F5-9467-8D641A32F8CC}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{93D06912-E1E9-446B-A111-651A59E4E529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7DD42B98-BCF9-4045-AF7D-760B25803DD4}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{682B8C99-FB32-4E53-94B2-DB612A59C679}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{323C7B84-EB18-452B-A2E4-4D51047B828E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{43E727E8-317A-432A-B6F6-F974CB57CFF1}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{3915B04A-DA81-40FB-BF8E-33EC31EC853B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{AB0AF94E-D358-443E-82EB-14A13663E747}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{584CCB32-BA2A-465D-8852-C191A1C0C301}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1EB45B36-015A-41D2-8828-FE2BD5BF9329}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCA7613A-D595-4A9C-926F-82360C570787}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1656BE3C-725D-4460-A510-AED664C6E9CB}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe] => (Allow) C:\users\hp\downloads\mapyczforts.exe => No File
FirewallRules: [{103D2127-1F60-4D32-A4EC-E486FF05ED8F}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{96822F68-15D5-4994-9480-244410EEDDD4}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.203_0\opera.exe => No File
FirewallRules: [TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => No File
FirewallRules: [{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}] => (Allow) C:\Users\HP\AppData\Local\Programs\Opera\74.0.3911.232\opera.exe => No File
FirewallRules: [{2608BA71-A2C0-435D-923B-6B65A46A18CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{391FEBAB-5879-4AB4-8D95-4E05344889B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{078C9388-3DE3-430D-BBB8-25CEF20E008C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6624F3B9-B539-4228-9E6A-5E0E41248F88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

EmptyTemp:
Hosts:

*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{032435BF-B3E7-4267-9F7C-6ACECDC3EA06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{032435BF-B3E7-4267-9F7C-6ACECDC3EA06}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1616416552 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1616416552" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21DB8893-F20A-4F6E-934F-26D53B59937D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21DB8893-F20A-4F6E-934F-26D53B59937D}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D7EA97A-0A6C-41D3-8562-F6E72A966B26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7EA97A-0A6C-41D3-8562-F6E72A966B26}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1616416544 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1616416544" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{406EE30A-036F-4688-9648-70817AB1F571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{406EE30A-036F-4688-9648-70817AB1F571}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1613585807 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1613585807" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46BEBC81-E676-4C23-9419-01F07DFB92F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46BEBC81-E676-4C23-9419-01F07DFB92F4}" => removed successfully
C:\WINDOWS\System32\Tasks\Overwolf Updater Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B35E6F-3D8E-40FF-9A9C-FC2C20C0F956}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1615056220 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1615056220" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C5956F5-A3F9-49B7-96C2-566D2957A906}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5956F5-A3F9-49B7-96C2-566D2957A906}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1613585797 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1613585797" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8094E15C-C9B4-4370-B555-9F6CF7B1AE18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8094E15C-C9B4-4370-B555-9F6CF7B1AE18}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1615729237 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1615729237" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5683E32-74A9-4324-BD4E-DE8F7C5DEE68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5683E32-74A9-4324-BD4E-DE8F7C5DEE68}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAA4F552-E52D-44E5-B859-687F9586BE91}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAA4F552-E52D-44E5-B859-687F9586BE91}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1615729246 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1615729246" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA3152C2-A02A-4F62-81A0-E1D96F7E683A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA3152C2-A02A-4F62-81A0-E1D96F7E683A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"Chrome Notifications" => removed successfully
HKLM\System\CurrentControlSet\Services\RivaTuner64 => removed successfully
RivaTuner64 => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6431D597-9A49-4E75-9758-CDAECDF8F7A4}" => not found
C:\WINDOWS\System32\Tasks\RTSS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RTSS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Riot Vanguard" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Riot Vanguard" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\LogMeIn Hamachi Ui" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\RadminVPN" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RadminVPN" => removed successfully
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\MEGAsync.lnk" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\SIMDashboardServer" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SIMDashboardServer" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Spotify" => removed successfully
"HKU\S-1-5-21-3196039111-1982186927-2852310541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Spotify" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F25BCAE-81B2-4CD3-99A9-8471EE1DC2B4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9432CBD-CCA1-4316-A835-E189022F9A14}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E65B35D-7B1C-40C5-B23A-EDDF41C60914}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00CF5812-9051-498A-A1EC-3EAB8E046BA5}C:\users\hp\.lunarclient\jre\zulu8.50.0.53-ca-fx-jre8.0.275-win_x64\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{732E3A9C-4F9C-428D-8A06-3EF6A8982D00}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCEE9EC1-F27E-4710-8139-8116C7A0D1C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{924AB1BA-A4F5-4B14-B4A9-DC201D3F9BE9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F6DAF95-2725-49D4-92A5-BEE9D43820E0}E:\muszynaa\aria2c.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{20C50109-F6E9-494C-AD34-D94AB20FF585}E:\muszynaa\aria2c.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A00857F-F577-4F2C-9CCB-8FF9048E59FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{897020E7-EF45-4195-A974-ACB8144050AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71EA636F-2AED-44B7-BE5B-5D47D13E812E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61D13419-4222-4CDB-8EDE-3C40D81615A6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF74313C-C6E9-4B57-8FA4-0F3450B95C2C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E0536A6-903E-462E-B3DE-48804F948D0D}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7F5B2D56-3E2F-41B5-A4AB-6ED2E9005FD7}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96925CA7-8850-4C14-8694-A409C9DAAE67}E:\tanky xd\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA43E5EC-F13D-4D38-BEE5-00000E4B136B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A292C440-3626-4423-8989-D15C8972229B}E:\civilization 6\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{439D1DA3-D258-4156-8305-798C35BD744E}C:\program files\java\jre1.8.0_251\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD549AAE-9449-4708-BB5A-4967DBA1160C}C:\program files\java\jre1.8.0_251\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{83974DB5-6433-4FEF-B7A1-97F0AA46BCC8}E:\steam\steamapps\common\war thunder\win64\aces.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4EEBBA88-54A0-478D-A03B-22326E3F6B6D}E:\steam\steamapps\common\war thunder\win64\aces.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0339CE6C-4140-4F6F-8896-90003F0D33FD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{900C7958-866B-46F5-9467-8D641A32F8CC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93D06912-E1E9-446B-A111-651A59E4E529}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DD42B98-BCF9-4045-AF7D-760B25803DD4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{682B8C99-FB32-4E53-94B2-DB612A59C679}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{323C7B84-EB18-452B-A2E4-4D51047B828E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43E727E8-317A-432A-B6F6-F974CB57CFF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3915B04A-DA81-40FB-BF8E-33EC31EC853B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB0AF94E-D358-443E-82EB-14A13663E747}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{584CCB32-BA2A-465D-8852-C191A1C0C301}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EB45B36-015A-41D2-8828-FE2BD5BF9329}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCA7613A-D595-4A9C-926F-82360C570787}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1656BE3C-725D-4460-A510-AED664C6E9CB}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A9F9DA-42CA-44E2-BE9B-0BBA9B6728DD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CA25105E-9302-41E3-A733-68F484755F83}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EC0E8DC1-B289-4B97-94BB-E6E5602696EB}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AA0B297-7F8E-4A31-BE39-09F20D2A6B97}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9595F069-827C-43BE-814E-A655A98A0981}C:\users\hp\downloads\mapyczforts.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8DFF68D7-64BC-42AC-8DD0-A39D72657F15}C:\users\hp\downloads\mapyczforts.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{103D2127-1F60-4D32-A4EC-E486FF05ED8F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0A9B7D8-4EE8-4412-8402-516837BD8BAD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96822F68-15D5-4994-9480-244410EEDDD4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9B43EF9E-F6C3-43F2-85D7-939A00BAA461}C:\program files\java\jre1.8.0_281\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D31A038F-9437-46C4-B299-324E274623CB}C:\program files\java\jre1.8.0_281\bin\javaw.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C7F5F84-48C6-4639-827E-E97CDA8E1E14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C63F3316-ABEF-41D2-83CD-2EEF95F1E1AC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2608BA71-A2C0-435D-923B-6B65A46A18CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{391FEBAB-5879-4AB4-8D95-4E05344889B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{078C9388-3DE3-430D-BBB8-25CEF20E008C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6624F3B9-B539-4228-9E6A-5E0E41248F88}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34915274 B
Java, Flash, Steam htmlcache => 469045434 B
Windows/system/drivers => 0 B
Edge => 32295 B
Chrome => 465637536 B
Firefox => 0 B
Opera => 4996987 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5072 B
HP => 1460641508 B
postgres => 1460641508 B

RecycleBin => 340 B
EmptyTemp: => 3.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:41:43 ====

Re: Log Check :)

Posted: 21 Jun 2021 17:52
by Diallix
May I ask for new FRST + ADDITION logs?

Re: Log Check :)

Posted: 24 Jun 2021 17:51
by Maty44
Diallix wrote: 21 Jun 2021 17:52 May I ask for new FRST + ADDITION logs?
Of course.
Nová položka WinRAR archiv.rar
(30.54 KiB) Downloaded 63 times

Re: Log Check :)

Posted: 24 Jun 2021 17:59
by Diallix
Do you recognize these items?

FirewallRules: [{0D0C3C8A-CA07-4E6B-9DDC-050E3DB12B14}] => (Allow) E:\Davinvii\DPDecoder.exe () [File not signed]
FirewallRules: [{8817B291-C82D-44CB-8011-B16AB0953283}] => (Allow) E:\Davinvii\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{3CAD9FF0-26E0-45EE-A95D-59A7DBD36B2D}] => (Allow) E:\Davinvii\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{B6355857-2721-4244-BAB2-5385ACDE316E}] => (Allow) E:\Davinvii\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{DBED2285-71BF-419A-A3FC-06553F52AE80}] => (Allow) E:\Davinvii\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{26190E13-BD3E-42E7-B531-B465D2180E05}] => (Allow) E:\Davinvii\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{0190D909-CADE-4082-A003-03991725E21E}] => (Allow) E:\Davinvii\bmdpaneld.exe () [File not signed]
FirewallRules: [{4F8EC546-4888-4247-8EFA-CD109B2F047D}] => (Allow) E:\Davinvii\Resolve.exe (Blackmagic Design Pty. Ltd.) [File not signed]

Re: Log Check :)

Posted: 28 Jun 2021 16:51
by Maty44
Diallix wrote: 24 Jun 2021 17:59 Do you recognize these items?

FirewallRules: [{0D0C3C8A-CA07-4E6B-9DDC-050E3DB12B14}] => (Allow) E:\Davinvii\DPDecoder.exe () [File not signed]
FirewallRules: [{8817B291-C82D-44CB-8011-B16AB0953283}] => (Allow) E:\Davinvii\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{3CAD9FF0-26E0-45EE-A95D-59A7DBD36B2D}] => (Allow) E:\Davinvii\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{B6355857-2721-4244-BAB2-5385ACDE316E}] => (Allow) E:\Davinvii\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{DBED2285-71BF-419A-A3FC-06553F52AE80}] => (Allow) E:\Davinvii\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{26190E13-BD3E-42E7-B531-B465D2180E05}] => (Allow) E:\Davinvii\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{0190D909-CADE-4082-A003-03991725E21E}] => (Allow) E:\Davinvii\bmdpaneld.exe () [File not signed]
FirewallRules: [{4F8EC546-4888-4247-8EFA-CD109B2F047D}] => (Allow) E:\Davinvii\Resolve.exe (Blackmagic Design Pty. Ltd.) [File not signed]
That probably belongs to the program DaVinci Resolve 17.

Re: Log Check :)

Posted: 04 Jul 2021 07:19
by Diallix
Copy the content below into Notepad:

Code:

Task: {7AB51301-DEAA-4E4E-8182-5C4E886DBDFA} - \RTSS -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.