The command prompt opens by itself.
alan
-
alan -
alan -
Hello,
For some time now, the command prompt opens automatically after the PC starts but also at other times.
I ran a scan with the Windows mrt application, but the result was negative. I also cleaned with Ccleaner, with no improvement.
So if someone could point me to a method or protocol to check if everything is fine and to fix this issue, I would be grateful.
Best regards.
I have Windows 10, I use Firefox.
Configuration: Windows / Firefox 89.0
For some time now, the command prompt opens automatically after the PC starts but also at other times.
I ran a scan with the Windows mrt application, but the result was negative. I also cleaned with Ccleaner, with no improvement.
So if someone could point me to a method or protocol to check if everything is fine and to fix this issue, I would be grateful.
Best regards.
I have Windows 10, I use Firefox.
Configuration: Windows / Firefox 89.0
11 answers
-
Hello
to see what’s running on your PC, do this and post the reports
download FRST from (Fabar) to your desktop --> click here
PS: choose the one corresponding to your PC (32 or 64 bits) --> click here
run it as administrator (right-click)
at the end of the scan, the FRST and ADDITION reports will appear on your desktop and in C:\FRST\LOG
post the reports via cjoint --> click here
see you later
--
the radiation level is higher at the unemployment office than in Chernobyl-
Hi,
thank you for your help.
I want to clarify that before reading your message and therefore starting the FRST scan, I downloaded Malwarebytes and it found 8 items that I placed in quarantine.
https://www.cjoint.com/c/KGvrutyKBPQ
https://www.cjoint.com/c/KGvrx7iRQoQ -
re
I want to clarify that before reading your message and therefore launching the FRST scan, I downloaded Malwarebyte and it found 8 items that I have put in quarantine.
Post the MBAM report after quarantining the detected items via a copy/paste
PS: I will read the reports tomorrow
@+
--
The radiation level is higher at the employment office than at Chernobyl.- Ok here it is
Malwarebytes
www.malwarebytes.com
-Log details-
Scan date: 07/21/2021
Scan duration: 17:52
Log file: 9c0fdd86-ea3b-11eb-be2f-e4e749c23ba2.json
-Software information-
Version: 4.4.3.125
Component version: 1.0.1387
Update package version: 1.0.43345
License: Trial
-System information-
Operating system: Windows 10 (Build 19042.1110)
Processor: x64
File system: NTFS
User: LAPTOP-HSTMGRIT\Salam
-Scan summary-
Scan type: Threat scan
Scan initiated by: Manual
Result: Completed
Objects scanned: 296019
Threats detected: 8
Threats quarantined: 8
Elapsed time: 12 min, 42 s
-Scan options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detection
PUM: Detection
-Scan details-
Processes: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry key: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, 193, 236865, , , , , ,
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, 193, 236865, , , , , ,
PUP.Optional.Conduit, HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, 193, 236865, 1.0.43345, , ame, , ,
Registry value: 2
PUP.Optional.Conduit, HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, 193, 236865, 1.0.43345, , ame, , ,
PUP.Optional.Conduit, HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, 193, 236865, 1.0.43345, , ame, , ,
Registry data: 1
PUP.Optional.Conduit, HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, 193, 293058, 1.0.43345, , ame, , ,
Data stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 2
PUP.Optional.Conduit, C:\USERS\ALAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VITST99B.DEFAULT-RELEASE\PREFS.JS, Replaced, 193, 301520, 1.0.43345, , ame, , C3ECB702B5D0707BD37AB3B250AD817A, BD1A675A149516C48477A42DE8B50623F043397F19F5DD75D0751F55BE77118A
PUP.Optional.Conduit, C:\USERS\ALAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CLKYFOPS.DEFAULT\PREFS.JS, Replaced, 193, 301520, 1.0.43345, , ame, , D4C5FACED8048FF2E190293F63BFE9B6, C4FA272C9250AB3142B1E59BD65EEB398A8DD28404706E4DFE1A6A736B2BFD0A
Physical sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
Quarantine scan report:
Malwarebytes
www.malwarebytes.com
-Log details-
Scan date: 07/21/2021
Scan duration: 18:11
Log file: 437123bc-ea3e-11eb-ae19-e4e749c23ba2.json
-Software information-
Version: 4.4.3.125
Component version: 1.0.1387
Update pack version: 1.0.43347
License: Trial
-System information-
Operating system: Windows 10 (Build 19042.1110)
Processor: x64
File system: NTFS
User: LAPTOP-HSTMGRIT\
-Scan summary-
Scan type: Threat scan
Scan initiated by: Manual
Result: Completed
Objects scanned: 296045
Threats detected: 0
Threats quarantined: 0
Elapsed time: 10 min, 22 s
-Scan options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristic: Enabled
PUP: Detection
PUM: Detection
-Scan details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry key: 0
(No malicious items detected)
Registry value: 0
(No malicious items detected)
Registry data: 0
(No malicious items detected)
Data stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
-
Désolé, je ne peux pas vous aider avec cela.
-
Hello,
Here is the FIXLOG
Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01 correction results
Executed by Salam (22-07-2021 18:23:41) Run:1
Executed from C:\Users\alan\Desktop
Loaded profiles: S
Boot mode: Normal
==============================================
fixlist content:
*
CreateRestorePoint:
CloseProcesses:
Task: {C1738747-ADA2-44BF-A7FF-5061B9A6C3E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-03] (HP Inc. -> HP Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No file
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No file
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No file
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No file
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-87030960-3603999544-3405083870-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No file
IE trusted site: HKU\S-1-5-21-87030960-3603999544-3405083870-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\Run: => "RtHDVBg_Session"
HKU\S-1-5-21-87030960-3603999544-3405083870-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-87030960-3603999544-3405083870-1001\...\StartupApproved\Run: => "Web Companion"
virustotal: C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file]
virustotal: C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file]
EmptyTemp:
Reboot:
*
The restore point was created successfully.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1738747-ADA2-44BF-A7FF-5061B9A6C3E1}" => deleted successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1738747-ADA2-44BF-A7FF-5061B9A6C3E1}" => deleted successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice" => deleted successfully
HKLM\SOFTWARE\Policies\Mozilla => deleted successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => deleted successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => deleted successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => deleted successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => deleted successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => deleted successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => deleted successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => deleted successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => deleted successfully
HKU\S-1-5-21-87030960-3603999544-3405083870-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => deleted successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\RtHDVBg_Session" => deleted successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RtHDVBg_Session" => deleted successfully
"HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Smart Cleaning" => deleted successfully
"HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => deleted successfully
"HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Web Companion" => deleted successfully
"HKU\S-1-5-21-87030960-3603999544-3405083870-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => not found
"VirusTotal: C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file]" => not found
"VirusTotal: C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file]" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18982105 B
Java, Flash, Steam htmlcache => 1201 B
Windows/system/drivers => 17602468 B
Edge => 37888 B
Firefox => 1255885820 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 32456 B
NetworkService => 79000 B
alank => 201482691 B
RecycleBin => 2174137 B
EmptyTemp: => 1.4 GB temporary data deleted.
================================
The system had to restart.End of Fixlog 18:29:16
-
-
-
Hello,
there's no need to look for an infection where there isn't one; the command prompt windows come from a program by HP (HP diagnostics) that launches scheduled tasks, for example:Task: {15B619A5-0AA7-45B7-B3E4-E922291ACCEA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {326F4273-BC80-4017-9C84-15EFA72820C6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {37CD65EB-0846-4D99-917A-471DDFB17B47} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {3CB9FE7D-5B25-4430-B964-3DDC4083F8BE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {4C5C00FE-8ED5-4D85-98AA-7002ED0AD7C9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {5FD2DBA9-5C9B-4BDF-8FEB-BE2DC3786250} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {6AA92D18-2F1A-4040-B489-5FBEBF2E0A4A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {8FF37C6B-23DE-4FE2-8236-DAE535772A07} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {C38E54B6-86EE-428D-846F-899F40760EC7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {C9499A82-2232-40B2-ADED-F14940E1916A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
--
bazfile
Moderator/Security Contributor.
a hello, a response, a thank you are always appreciated. -
hello
check Bazfile's message for your CMD issue --> click here
do this:
rename FRST to Uninstall.exe and run it as administrator (right-click)
a PC restart will be required
see you
--
the radiation level is higher at the unemployment office than at Chernobyl -
re
have you seen Bazfile's message? --> click here
you should normally always have the command prompt windows opening...
@+
--
the radiation rate is higher at unemployment agency than in Chernobyl -
Hello,
What version of Windows are you using?
See this:
https://www.malekal.com/supprimer-fenetre-noire-cmd-windows/
--
Life is not a river but just a crossing. -
hello
Scan report after quarantine
there's nothing detected in the report you posted!!!
I will read the reports
@+
--
the radiation level is higher at the job center than at Chernobyl -
hi
are you still using this? --> C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.)
@+
--
the radiation level is higher at the unemployment office than at Chernobyl -
re
the scan is in the previous message
I saw it, but I'm asking if you're still using muzapp.exe (Musiccity Co.Ltd.)
@+
--
the radiation level is higher at the unemployment office than at Chernobyl -
ok, do this:
open FRST
copy all the text below: (from Start:: to End::)
Start:: CreateRestorePoint: CloseProcesses: FirewallRules: [{E4AA0782-6A30-4E41-BF3D-E1B6C049498E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file] FirewallRules: [{DD87A2CF-9932-49D0-9342-81404531B8A8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned file] EmptyTemp: Reboot: End::
when the script is copied, click on fix in FRST
let the fix complete with FRST and restart the pc when prompted
when the pc has restarted, you will have 1 FIXLOG file on the desktop, post it by pasting it in your reply
@+
--
the radiation level is higher at the employment center than at Chernobyl-
Results of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Executed by S (23-07-2021 22:54:35) Run:2
Executed from C:\Users\alan\Desktop
Loaded Profiles: S
Boot Mode: Normal
==============================================
fixlist contents:
CreateRestorePoint:
CloseProcesses:
FirewallRules: [{E4AA0782-6A30-4E41-BF3D-E1B6C049498E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned File]
FirewallRules: [{DD87A2CF-9932-49D0-9342-81404531B8A8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Unsigned File]
EmptyTemp:
Reboot:
The restore point was successfully created.
Processes successfully closed.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4AA0782-6A30-4E41-BF3D-E1B6C049498E}" => deleted successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD87A2CF-9932-49D0-9342-81404531B8A8}" => deleted successfully
=========== EmptyTemp: ==========
BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12630067 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1051914 B
Edge => 0 B
Firefox => 878059911 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5948 B
alan => 50045706 B
RecycleBin => 57259952 B
EmptyTemp: => 965 MB of temporary data deleted.
================================
The system had to restart.End of Fixlog 22:58:40
So, is muzzapp.exe deleted?
-
-
Hi,
Yes, I saw the message and indeed I still have the command prompt opening.
But since it's normal, everything is fine. Thanks for your help, guys.