Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

hrozně zpomalený NTB W10

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

hrozně zpomalený NTB W10

#1 Příspěvek od dulen.dulen »

Dobrý den,
během zřejmě neodborného uklidu prostřednictvím CCleaneru hrozně mrzne a 35 minnajiždí NTB, nejedou ani videa (NETFLIX...)
Prosím o kontrolu, díky.Data v příloze.
Přílohy
Logs.zip
(45.74 KiB) Staženo 54 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#3 Příspěvek od dulen.dulen »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2020
# Duration: 00:01:21
# OS: Windows 7 Home Premium
# Cleaned: 86
# Failed: 4


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DiskFixer
Deleted C:\Program Files (x86)\MachinerData
Deleted C:\Program Files (x86)\Seed Trade
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Garbage Cleaner
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\Mbappert
Deleted C:\ProgramData\Mbapperts
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Dalin\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Dalin\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\Dalin\AppData\Roaming\RHEng
Deleted C:\Windows\rss
Deleted C:\extensions
Not Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted C:\ProgramData\6E94CB68

***** [ Files ] *****

Deleted C:\Users\Dalin\AppData\Local\Main.dat
Deleted C:\Users\Dalin\AppData\Local\Temp\WebCompanion.zip
Deleted C:\Users\Dalin\Desktop\DiskFixer.lnk
Deleted C:\Users\Dalin\Desktop\Garbage Cleaner.lnk
Deleted C:\Users\Dalin\appdata\local\installationconfiguration.xml
Deleted C:\Windows\SysWOW64\findit.xml
Deleted C:\Windows\System32\drivers\Winmon.sys
Deleted C:\Windows\System32\drivers\WinmonFS.sys
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Environment|SNF
Deleted HKCU\Environment|SNP
Deleted HKCU\SOFTWARE\1863170D0E397B7F15B3
Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\GCleaner
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Etsy
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\mtMbappert
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36940B6B-22EB-417A-A5D1-3593FFA0E1D6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C882E1E-4DAC-47B5-B03C-79CC4C0FA262}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36940B6B-22EB-417A-A5D1-3593FFA0E1D6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Time Trigger Task
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\Mbappert\Silverstock.dll"
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\FreeFallProtection
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|UninstallString
Deleted HKLM\Software\Wow6432Node\Proxy
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\Mbappert\Tintowarm.dll"
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DiskFixer_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1
Deleted HKLM\Software\Wow6432Node\mtMbappert
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

Deleted Bazz Search SafeFinder - inafjghmmkmiobijhbgkfekenbfbklhb

***** [ Chromium URLs ] *****

Deleted WebSearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Deleted Preinstalled.DellSupportCenter File C:\Users\Public\Desktop\Dell Support Center.lnk
Deleted Preinstalled.DellSupportCenter Folder C:\Program Files (x86)\DELL SUPPORT CENTER
Deleted Preinstalled.DellSupportCenter Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL SUPPORT CENTER
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Deleted Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#5 Příspěvek od dulen.dulen »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2020
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\6E94CB68

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]
AdwCleaner[C00].txt - [8818 octets] - [01/07/2020 10:42:23]
AdwCleaner[S01].txt - [2466 octets] - [01/07/2020 15:27:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


=============== P . S .========================
nevím je li to možné, ale nějak přestl fungovat háček (diakritika) ze samostatné klávesy, = nejde napsat třeba ď/Ď.... :)

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#6 Příspěvek od dulen.dulen »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-01-2020
# Duration: 00:01:46
# OS: Windows 7 Home Premium
# Scanned: 31836
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic C:\ProgramData\6E94CB68
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

PUP.Optional.SafeFinder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
PUP.Optional.SafeFinder C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]
AdwCleaner[C00].txt - [8818 octets] - [01/07/2020 10:42:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#7 Příspěvek od Rudy »

Rudy píše: 01 črc 2020 13:49 OK. Dejte nové logy FRST+Addition.
Toto jsou logy z ADW.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#8 Příspěvek od dulen.dulen »

Omlouvám se :o
logs 01.zip
(44.14 KiB) Staženo 74 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#9 Příspěvek od Rudy »

OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Run: [Srv] => C:\Users\Dalin\AppData\Roaming\taskhost.exe [47104 2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {0bbeb6cd-6a52-11e7-afad-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e4e2025-46ba-11e7-b721-bc77370d2fa4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e840e56-2e6e-11e2-94b0-bc77370d2fa4} - F:\CrossLink.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {a5aebb30-e4b9-11e1-ba33-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe [2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk [2020-07-01]
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05C1772D-7F20-41CA-A302-92D502928DE2} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {152EE6E2-89F8-4648-938D-3FEC2D04C3CF} - \AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin -> No File <==== ATTENTION
Task: {1F24E4A3-9637-46EA-8E5F-2D50D8FAA586} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088 -> No File <==== ATTENTION
Task: {2027495C-5F94-4D29-9A76-4237D820539A} - \{352F8712-E510-440D-86D0-1442F8C17FD2} -> No File <==== ATTENTION
Task: {29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355} - \GoogleUpdateTaskMachineUA1d1e95890c83b3c -> No File <==== ATTENTION
Task: {29D306C1-D54B-48CB-AE25-961ECD39F281} - \{451BE33B-9BE7-4D55-9386-C04D225300A7} -> No File <==== ATTENTION
Task: {2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {35891521-9EC8-4B89-8808-839D4DDC88F5} - \CCleaner Update -> No File <==== ATTENTION
Task: {46B23593-C74F-45E3-8A47-9EF2E3E4C57D} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {53C422FC-BFDC-4E9C-B57B-F93725C57D75} - \DivXUpdate -> No File <==== ATTENTION
Task: {588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5F509C03-981C-447B-8FB6-FA248707E0DE} - \avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000 -> No File <==== ATTENTION
Task: {6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F} - \Opera scheduled Autoupdate 1593514112 -> No File <==== ATTENTION
Task: {6FE883BE-4446-4E2C-8D2B-116CBDB3257F} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {7EB9848E-58EF-48B9-8831-07B57B371BFD} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {8736F159-9E6D-4361-8129-9C14356AF470} - \csrss -> No File <==== ATTENTION
Task: {8F397401-0364-4AF1-BAA8-C5403106E15B} - \Avast TUNEUP Update -> No File <==== ATTENTION
Task: {985A0D63-F100-48C9-BC08-B2892ADB6309} - \NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544} -> No File <==== ATTENTION
Task: {98A422C6-B2C4-4176-BA9D-9EA4E50885A8} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {9B757B8A-87AF-483E-A128-92F929F3DEE7} - \GoogleUpdateTaskMachineCore1d1e9588fa317e2 -> No File <==== ATTENTION
Task: {A2F6985B-356C-4F7B-9A5A-647BE28BBB50} - \{0D59C018-8C18-49B3-A780-1C628D1E0E12} -> No File <==== ATTENTION
Task: {A8A4CD96-7C07-48E8-838C-A6E8AC6F6562} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d -> No File <==== ATTENTION
Task: {AA1C7B07-2A33-4D78-98FD-DDB4534FA72F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B6E77808-0536-427E-8081-C56B45A65A4A} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {BB44684C-0430-46F8-83BC-B64724513A21} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {C3391346-B5B4-4664-8F5D-8A9367CBA8B4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {D228A536-02BB-4476-80BC-F5489040E851} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {DF815079-3F4A-407E-B9FD-8D12C36B18EE} - \{37484A6B-1E93-4B09-8824-B159975CD2F0} -> No File <==== ATTENTION
Task: {E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC} - \{85C2E0D6-54AE-49B6-B305-3B615328D359} -> No File <==== ATTENTION
Task: {F49E4E71-8FCB-49E5-A112-55C83BEC38C2} - \Red Giant Link -> No File <==== ATTENTION
Task: {F5F6BB10-42EF-4495-B5F8-2B9B6940726C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGAAP58X-3cenceWGtBIVbRhcHVj1UNldotJb62g0L_yw9trJJ64ftGovlmZtyL24omEeOErNrGdBefIXfF5T-B9x_Pg,,&q={searchTerms}
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-2595959808-3299349116-3294144044-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGF7O4k6UyCrH9pFBRcYfSlpk-dnFVLKM5AXRS8XjeWEA6ALp1nvTRDr60-FFXkhQphOx3JBWjWBqdloCXatqrH9FKtg,,&q={searchTerms}
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION
R2 FlexGridService; C:\ProgramData\FlexGridService\FlexGridService.exe [1306112 2020-06-29] (Freemake) [File not signed] <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service)
S3 GPU-Z; \??\C:\Users\Dalin\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
NETSVC: SearchIndexer -> no filepath.
C:\Windows\system32\HZhzW9iA8.exe
C:\Program Files\KD786ZTGN8
C:\Program Files\38877I5M78
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUM3D8.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUM7089.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUM15A8.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUM5D5B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUM614.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUM266A.tmp
C:\Program Files (x86)\GUTC783.tmp
c:\Program Files (x86)\GUMC773.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUMC400.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUM2819.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Program Files (x86)\GUMEF95.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUM2F0F.tmp
C:\Program Files (x86)\GUM61AD.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUM8C21.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUM6376.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUMCC9.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUMC191.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUM3B5C.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUMCCCC.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUM6C21.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUT5D1.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUT9F8E.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUTC783.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Temp:5A775C3F [372]
FirewallRules: [{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{A19E4996-2DD1-43E1-BE80-5853C17C0672}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [{53A8731A-4903-45E3-ADB7-26391FEC8399}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E300B854-B466-4F23-BB22-F64D22175388}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{610C6410-7D76-4C30-9FCF-50F851C26A0B}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{ECD811C4-0F7E-433E-97F1-BC0361083953}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{4DECE51C-6FB3-400F-A3F3-1759809F20A2}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E5007A5A-CA6A-4511-A876-91260593A819}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#10 Příspěvek od dulen.dulen »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by Dalin (01-07-2020 19:29:41) Run:1
Running from C:\Users\Dalin\Desktop
Loaded Profiles: Dalin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Run: [Srv] => C:\Users\Dalin\AppData\Roaming\taskhost.exe [47104 2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {0bbeb6cd-6a52-11e7-afad-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e4e2025-46ba-11e7-b721-bc77370d2fa4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e840e56-2e6e-11e2-94b0-bc77370d2fa4} - F:\CrossLink.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {a5aebb30-e4b9-11e1-ba33-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe [2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk [2020-07-01]
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05C1772D-7F20-41CA-A302-92D502928DE2} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {152EE6E2-89F8-4648-938D-3FEC2D04C3CF} - \AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin -> No File <==== ATTENTION
Task: {1F24E4A3-9637-46EA-8E5F-2D50D8FAA586} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088 -> No File <==== ATTENTION
Task: {2027495C-5F94-4D29-9A76-4237D820539A} - \{352F8712-E510-440D-86D0-1442F8C17FD2} -> No File <==== ATTENTION
Task: {29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355} - \GoogleUpdateTaskMachineUA1d1e95890c83b3c -> No File <==== ATTENTION
Task: {29D306C1-D54B-48CB-AE25-961ECD39F281} - \{451BE33B-9BE7-4D55-9386-C04D225300A7} -> No File <==== ATTENTION
Task: {2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {35891521-9EC8-4B89-8808-839D4DDC88F5} - \CCleaner Update -> No File <==== ATTENTION
Task: {46B23593-C74F-45E3-8A47-9EF2E3E4C57D} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {53C422FC-BFDC-4E9C-B57B-F93725C57D75} - \DivXUpdate -> No File <==== ATTENTION
Task: {588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5F509C03-981C-447B-8FB6-FA248707E0DE} - \avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000 -> No File <==== ATTENTION
Task: {6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F} - \Opera scheduled Autoupdate 1593514112 -> No File <==== ATTENTION
Task: {6FE883BE-4446-4E2C-8D2B-116CBDB3257F} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {7EB9848E-58EF-48B9-8831-07B57B371BFD} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {8736F159-9E6D-4361-8129-9C14356AF470} - \csrss -> No File <==== ATTENTION
Task: {8F397401-0364-4AF1-BAA8-C5403106E15B} - \Avast TUNEUP Update -> No File <==== ATTENTION
Task: {985A0D63-F100-48C9-BC08-B2892ADB6309} - \NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544} -> No File <==== ATTENTION
Task: {98A422C6-B2C4-4176-BA9D-9EA4E50885A8} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {9B757B8A-87AF-483E-A128-92F929F3DEE7} - \GoogleUpdateTaskMachineCore1d1e9588fa317e2 -> No File <==== ATTENTION
Task: {A2F6985B-356C-4F7B-9A5A-647BE28BBB50} - \{0D59C018-8C18-49B3-A780-1C628D1E0E12} -> No File <==== ATTENTION
Task: {A8A4CD96-7C07-48E8-838C-A6E8AC6F6562} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d -> No File <==== ATTENTION
Task: {AA1C7B07-2A33-4D78-98FD-DDB4534FA72F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B6E77808-0536-427E-8081-C56B45A65A4A} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {BB44684C-0430-46F8-83BC-B64724513A21} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {C3391346-B5B4-4664-8F5D-8A9367CBA8B4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {D228A536-02BB-4476-80BC-F5489040E851} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {DF815079-3F4A-407E-B9FD-8D12C36B18EE} - \{37484A6B-1E93-4B09-8824-B159975CD2F0} -> No File <==== ATTENTION
Task: {E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC} - \{85C2E0D6-54AE-49B6-B305-3B615328D359} -> No File <==== ATTENTION
Task: {F49E4E71-8FCB-49E5-A112-55C83BEC38C2} - \Red Giant Link -> No File <==== ATTENTION
Task: {F5F6BB10-42EF-4495-B5F8-2B9B6940726C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGAAP58X-3cenceWGtBIVbRhcHVj1UNldotJb62g0L_yw9trJJ64ftGovlmZtyL24omEeOErNrGdBefIXfF5T-B9x_Pg,,&q={searchTerms}
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-2595959808-3299349116-3294144044-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGF7O4k6UyCrH9pFBRcYfSlpk-dnFVLKM5AXRS8XjeWEA6ALp1nvTRDr60-FFXkhQphOx3JBWjWBqdloCXatqrH9FKtg,,&q={searchTerms}
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION
R2 FlexGridService; C:\ProgramData\FlexGridService\FlexGridService.exe [1306112 2020-06-29] (Freemake) [File not signed] <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service)
S3 GPU-Z; \??\C:\Users\Dalin\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
NETSVC: SearchIndexer -> no filepath.
C:\Windows\system32\HZhzW9iA8.exe
C:\Program Files\KD786ZTGN8
C:\Program Files\38877I5M78
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUM3D8.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUM7089.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUM15A8.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUM5D5B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUM614.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUM266A.tmp
C:\Program Files (x86)\GUTC783.tmp
c:\Program Files (x86)\GUMC773.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUMC400.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUM2819.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Program Files (x86)\GUMEF95.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUM2F0F.tmp
C:\Program Files (x86)\GUM61AD.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUM8C21.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUM6376.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUMCC9.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUMC191.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUM3B5C.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUMCCCC.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUM6C21.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUT5D1.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUT9F8E.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUTC783.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Temp:5A775C3F [372]
FirewallRules: [{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{A19E4996-2DD1-43E1-BE80-5853C17C0672}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [{53A8731A-4903-45E3-ADB7-26391FEC8399}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E300B854-B466-4F23-BB22-F64D22175388}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{610C6410-7D76-4C30-9FCF-50F851C26A0B}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{ECD811C4-0F7E-433E-97F1-BC0361083953}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{4DECE51C-6FB3-400F-A3F3-1759809F20A2}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E5007A5A-CA6A-4511-A876-91260593A819}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Srv" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bbeb6cd-6a52-11e7-afad-806e6f6e6963} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4e2025-46ba-11e7-b721-bc77370d2fa4} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e840e56-2e6e-11e2-94b0-bc77370d2fa4} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5aebb30-e4b9-11e1-ba33-806e6f6e6963} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => removed successfully
C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe => moved successfully
C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk => moved successfully
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe" => Error: No automatic fix found for this entry.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C1772D-7F20-41CA-A302-92D502928DE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C1772D-7F20-41CA-A302-92D502928DE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{152EE6E2-89F8-4648-938D-3FEC2D04C3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{152EE6E2-89F8-4648-938D-3FEC2D04C3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F24E4A3-9637-46EA-8E5F-2D50D8FAA586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F24E4A3-9637-46EA-8E5F-2D50D8FAA586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2027495C-5F94-4D29-9A76-4237D820539A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2027495C-5F94-4D29-9A76-4237D820539A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{352F8712-E510-440D-86D0-1442F8C17FD2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d1e95890c83b3c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D306C1-D54B-48CB-AE25-961ECD39F281}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D306C1-D54B-48CB-AE25-961ECD39F281}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{451BE33B-9BE7-4D55-9386-C04D225300A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{35891521-9EC8-4B89-8808-839D4DDC88F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35891521-9EC8-4B89-8808-839D4DDC88F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46B23593-C74F-45E3-8A47-9EF2E3E4C57D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B23593-C74F-45E3-8A47-9EF2E3E4C57D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53C422FC-BFDC-4E9C-B57B-F93725C57D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53C422FC-BFDC-4E9C-B57B-F93725C57D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DivXUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F509C03-981C-447B-8FB6-FA248707E0DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F509C03-981C-447B-8FB6-FA248707E0DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1593514112" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FE883BE-4446-4E2C-8D2B-116CBDB3257F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FE883BE-4446-4E2C-8D2B-116CBDB3257F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EB9848E-58EF-48B9-8831-07B57B371BFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EB9848E-58EF-48B9-8831-07B57B371BFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8736F159-9E6D-4361-8129-9C14356AF470}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8736F159-9E6D-4361-8129-9C14356AF470}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\csrss" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8F397401-0364-4AF1-BAA8-C5403106E15B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F397401-0364-4AF1-BAA8-C5403106E15B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast TUNEUP Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{985A0D63-F100-48C9-BC08-B2892ADB6309}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{985A0D63-F100-48C9-BC08-B2892ADB6309}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98A422C6-B2C4-4176-BA9D-9EA4E50885A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98A422C6-B2C4-4176-BA9D-9EA4E50885A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B757B8A-87AF-483E-A128-92F929F3DEE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B757B8A-87AF-483E-A128-92F929F3DEE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d1e9588fa317e2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2F6985B-356C-4F7B-9A5A-647BE28BBB50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2F6985B-356C-4F7B-9A5A-647BE28BBB50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0D59C018-8C18-49B3-A780-1C628D1E0E12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8A4CD96-7C07-48E8-838C-A6E8AC6F6562}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A4CD96-7C07-48E8-838C-A6E8AC6F6562}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AA1C7B07-2A33-4D78-98FD-DDB4534FA72F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1C7B07-2A33-4D78-98FD-DDB4534FA72F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E77808-0536-427E-8081-C56B45A65A4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E77808-0536-427E-8081-C56B45A65A4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB44684C-0430-46F8-83BC-B64724513A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB44684C-0430-46F8-83BC-B64724513A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 711520318" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3391346-B5B4-4664-8F5D-8A9367CBA8B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3391346-B5B4-4664-8F5D-8A9367CBA8B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D228A536-02BB-4476-80BC-F5489040E851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D228A536-02BB-4476-80BC-F5489040E851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF815079-3F4A-407E-B9FD-8D12C36B18EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF815079-3F4A-407E-B9FD-8D12C36B18EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37484A6B-1E93-4B09-8824-B159975CD2F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{85C2E0D6-54AE-49B6-B305-3B615328D359}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F49E4E71-8FCB-49E5-A112-55C83BEC38C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F49E4E71-8FCB-49E5-A112-55C83BEC38C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Red Giant Link" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5F6BB10-42EF-4495-B5F8-2B9B6940726C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5F6BB10-42EF-4495-B5F8-2B9B6940726C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
HKLM\Software\Classes\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
"Edge HomePage" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
"C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll" => not found
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\FlexGridService => removed successfully
FlexGridService => service removed successfully
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\GPU-Z => removed successfully
GPU-Z => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs SearchIndexer could not remove.
C:\Windows\system32\HZhzW9iA8.exe => moved successfully
C:\Program Files\KD786ZTGN8 => moved successfully
C:\Program Files\38877I5M78 => moved successfully
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1 => moved successfully
C:\Program Files (x86)\GUT3D9.tmp => moved successfully
C:\Program Files (x86)\GUM3D8.tmp => moved successfully
C:\Program Files (x86)\GUT708A.tmp => moved successfully
C:\Program Files (x86)\GUM7089.tmp => moved successfully
C:\Program Files (x86)\GUT15A9.tmp => moved successfully
C:\Program Files (x86)\GUM15A8.tmp => moved successfully
C:\Program Files (x86)\GUT5D7B.tmp => moved successfully
C:\Program Files (x86)\GUM5D5B.tmp => moved successfully
C:\Program Files (x86)\GUT615.tmp => moved successfully
C:\Program Files (x86)\GUM614.tmp => moved successfully
C:\Program Files (x86)\GUT266B.tmp => moved successfully
C:\Program Files (x86)\GUM266A.tmp => moved successfully
C:\Program Files (x86)\GUTC783.tmp => moved successfully
c:\Program Files (x86)\GUMC773.tmp => moved successfully
C:\Program Files (x86)\GUTC401.tmp => moved successfully
C:\Program Files (x86)\GUMC400.tmp => moved successfully
C:\Program Files (x86)\GUT2878.tmp => moved successfully
C:\Program Files (x86)\GUM2819.tmp => moved successfully
C:\Program Files (x86)\GUTEF96.tmp => moved successfully
C:\Program Files (x86)\GUMEF95.tmp => moved successfully
C:\Program Files (x86)\GUT2F10.tmp => moved successfully
C:\Program Files (x86)\GUM2F0F.tmp => moved successfully
C:\Program Files (x86)\GUM61AD.tmp => moved successfully
C:\Program Files (x86)\GUT61AE.tmp => moved successfully
C:\Program Files (x86)\GUT8C22.tmp => moved successfully
C:\Program Files (x86)\GUM8C21.tmp => moved successfully
C:\Program Files (x86)\GUT6377.tmp => moved successfully
C:\Program Files (x86)\GUM6376.tmp => moved successfully
C:\Program Files (x86)\GUTCCA.tmp => moved successfully
C:\Program Files (x86)\GUMCC9.tmp => moved successfully
C:\Program Files (x86)\GUTC1A2.tmp => moved successfully
C:\Program Files (x86)\GUMC191.tmp => moved successfully
C:\Program Files (x86)\GUT3B5D.tmp => moved successfully
C:\Program Files (x86)\GUM3B5C.tmp => moved successfully
C:\Program Files (x86)\GUTCCDD.tmp => moved successfully
C:\Program Files (x86)\GUMCCCC.tmp => moved successfully
C:\Program Files (x86)\GUT6C22.tmp => moved successfully
C:\Program Files (x86)\GUM6C21.tmp => moved successfully
"C:\Program Files (x86)\GUT15A9.tmp" => not found
"C:\Program Files (x86)\GUT266B.tmp" => not found
"C:\Program Files (x86)\GUT2878.tmp" => not found
"C:\Program Files (x86)\GUT2F10.tmp" => not found
"C:\Program Files (x86)\GUT3B5D.tmp" => not found
"C:\Program Files (x86)\GUT3D9.tmp" => not found
C:\Program Files (x86)\GUT5D1.tmp => moved successfully
"C:\Program Files (x86)\GUT5D7B.tmp" => not found
"C:\Program Files (x86)\GUT615.tmp" => not found
"C:\Program Files (x86)\GUT61AE.tmp" => not found
"C:\Program Files (x86)\GUT6377.tmp" => not found
"C:\Program Files (x86)\GUT6C22.tmp" => not found
"C:\Program Files (x86)\GUT708A.tmp" => not found
"C:\Program Files (x86)\GUT8C22.tmp" => not found
C:\Program Files (x86)\GUT9F8E.tmp => moved successfully
"C:\Program Files (x86)\GUTC1A2.tmp" => not found
"C:\Program Files (x86)\GUTC401.tmp" => not found
"C:\Program Files (x86)\GUTC783.tmp" => not found
"C:\Program Files (x86)\GUTCCA.tmp" => not found
"C:\Program Files (x86)\GUTCCDD.tmp" => not found
"C:\Program Files (x86)\GUTEF96.tmp" => not found
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\ProgramData\Temp => ":5A775C3F" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A19E4996-2DD1-43E1-BE80-5853C17C0672}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53A8731A-4903-45E3-ADB7-26391FEC8399}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E300B854-B466-4F23-BB22-F64D22175388}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{610C6410-7D76-4C30-9FCF-50F851C26A0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECD811C4-0F7E-433E-97F1-BC0361083953}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DECE51C-6FB3-400F-A3F3-1759809F20A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5007A5A-CA6A-4511-A876-91260593A819}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9286593 B
Java, Flash, Steam htmlcache => 958988 B
Windows/system/drivers => 17115299 B
Edge => 0 B
Chrome => 3670576 B
Firefox => 618104039 B
Opera => 60339008 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42351741 B
systemprofile32 => 46271426 B
LocalService => 46403670 B
NetworkService => 46475208 B
Dalin => 894214089 B
UpdatusUser => 894214089 B

RecycleBin => 2131 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:30:31 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#11 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#12 Příspěvek od dulen.dulen »

Stroj se výrazne zrychlil, ale zničeho nic mně nefunguje volna diakritika ( třeba Ň/ň)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#13 Příspěvek od Rudy »

To je divné, nic z systémových ovladačů jsem nemazal. Zkuste přes příkazový řádek příkazem:
sfc /scannow
spustit kontrolu a případnou opravu systémových souborů. PC byl poměrně hodně zaneřáděn, takže je možné, že byl poškozen systém.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dulen.dulen
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 03 črc 2009 10:51

Re: hrozně zpomalený NTB W10

#14 Příspěvek od dulen.dulen »

tohle s toho vypadlo:
Přílohy
CBS_log.zip
(85.31 KiB) Staženo 65 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: hrozně zpomalený NTB W10

#15 Příspěvek od Rudy »

Nějaké chyby to našlo, důležité je , co bylo opraveno a zda to pomohlo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno