VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

hrozně zpomalený NTB W10

https://forum.viry.cz:443/viewtopic.php?t=157251

Stránka 1 z 2

hrozně zpomalený NTB W10

Napsal: 01 črc 2020 07:04
od dulen.dulen
Dobrý den,
během zřejmě neodborného uklidu prostřednictvím CCleaneru hrozně mrzne a 35 minnajiždí NTB, nejedou ani videa (NETFLIX...)
Prosím o kontrolu, díky.Data v příloze.

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 09:08
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 10:01
od dulen.dulen
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2020
# Duration: 00:01:21
# OS: Windows 7 Home Premium
# Cleaned: 86
# Failed: 4


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DiskFixer
Deleted C:\Program Files (x86)\MachinerData
Deleted C:\Program Files (x86)\Seed Trade
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Garbage Cleaner
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\Mbappert
Deleted C:\ProgramData\Mbapperts
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Dalin\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Dalin\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\Dalin\AppData\Roaming\RHEng
Deleted C:\Windows\rss
Deleted C:\extensions
Not Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted C:\ProgramData\6E94CB68

***** [ Files ] *****

Deleted C:\Users\Dalin\AppData\Local\Main.dat
Deleted C:\Users\Dalin\AppData\Local\Temp\WebCompanion.zip
Deleted C:\Users\Dalin\Desktop\DiskFixer.lnk
Deleted C:\Users\Dalin\Desktop\Garbage Cleaner.lnk
Deleted C:\Users\Dalin\appdata\local\installationconfiguration.xml
Deleted C:\Windows\SysWOW64\findit.xml
Deleted C:\Windows\System32\drivers\Winmon.sys
Deleted C:\Windows\System32\drivers\WinmonFS.sys
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Environment|SNF
Deleted HKCU\Environment|SNP
Deleted HKCU\SOFTWARE\1863170D0E397B7F15B3
Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\GCleaner
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Etsy
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\mtMbappert
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36940B6B-22EB-417A-A5D1-3593FFA0E1D6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C882E1E-4DAC-47B5-B03C-79CC4C0FA262}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36940B6B-22EB-417A-A5D1-3593FFA0E1D6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Time Trigger Task
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\Mbappert\Silverstock.dll"
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\FreeFallProtection
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{332f74c4-c7d0-4516-973b-24e81e9a9ac4}|UninstallString
Deleted HKLM\Software\Wow6432Node\Proxy
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\Mbappert\Tintowarm.dll"
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\DiskFixer_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1
Deleted HKLM\Software\Wow6432Node\mtMbappert
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

Deleted Bazz Search SafeFinder - inafjghmmkmiobijhbgkfekenbfbklhb

***** [ Chromium URLs ] *****

Deleted WebSearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Deleted Preinstalled.DellSupportCenter File C:\Users\Public\Desktop\Dell Support Center.lnk
Deleted Preinstalled.DellSupportCenter Folder C:\Program Files (x86)\DELL SUPPORT CENTER
Deleted Preinstalled.DellSupportCenter Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL SUPPORT CENTER
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Deleted Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 13:49
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 14:42
od dulen.dulen
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-01-2020
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\6E94CB68

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Deleted C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]
AdwCleaner[C00].txt - [8818 octets] - [01/07/2020 10:42:23]
AdwCleaner[S01].txt - [2466 octets] - [01/07/2020 15:27:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


=============== P . S .========================
nevím je li to možné, ale nějak přestl fungovat háček (diakritika) ze samostatné klávesy, = nejde napsat třeba ď/Ď.... :)

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 14:45
od dulen.dulen
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-01-2020
# Duration: 00:01:46
# OS: Windows 7 Home Premium
# Scanned: 31836
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic C:\ProgramData\6E94CB68
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

PUP.Optional.SafeFinder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
PUP.Optional.SafeFinder C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
PUP.Optional.SafeFinder C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


AdwCleaner[S00].txt - [9830 octets] - [01/07/2020 10:31:29]
AdwCleaner[C00].txt - [8818 octets] - [01/07/2020 10:42:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 14:56
od Rudy
Rudy píše: 01 črc 2020 13:49 OK. Dejte nové logy FRST+Addition.
Toto jsou logy z ADW.

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 15:15
od dulen.dulen
Omlouvám se :o
logs 01.zip
(44.14 KiB) Staženo 92 x

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 16:18
od Rudy
OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Run: [Srv] => C:\Users\Dalin\AppData\Roaming\taskhost.exe [47104 2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {0bbeb6cd-6a52-11e7-afad-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e4e2025-46ba-11e7-b721-bc77370d2fa4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e840e56-2e6e-11e2-94b0-bc77370d2fa4} - F:\CrossLink.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {a5aebb30-e4b9-11e1-ba33-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe [2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk [2020-07-01]
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05C1772D-7F20-41CA-A302-92D502928DE2} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {152EE6E2-89F8-4648-938D-3FEC2D04C3CF} - \AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin -> No File <==== ATTENTION
Task: {1F24E4A3-9637-46EA-8E5F-2D50D8FAA586} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088 -> No File <==== ATTENTION
Task: {2027495C-5F94-4D29-9A76-4237D820539A} - \{352F8712-E510-440D-86D0-1442F8C17FD2} -> No File <==== ATTENTION
Task: {29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355} - \GoogleUpdateTaskMachineUA1d1e95890c83b3c -> No File <==== ATTENTION
Task: {29D306C1-D54B-48CB-AE25-961ECD39F281} - \{451BE33B-9BE7-4D55-9386-C04D225300A7} -> No File <==== ATTENTION
Task: {2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {35891521-9EC8-4B89-8808-839D4DDC88F5} - \CCleaner Update -> No File <==== ATTENTION
Task: {46B23593-C74F-45E3-8A47-9EF2E3E4C57D} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {53C422FC-BFDC-4E9C-B57B-F93725C57D75} - \DivXUpdate -> No File <==== ATTENTION
Task: {588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5F509C03-981C-447B-8FB6-FA248707E0DE} - \avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000 -> No File <==== ATTENTION
Task: {6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F} - \Opera scheduled Autoupdate 1593514112 -> No File <==== ATTENTION
Task: {6FE883BE-4446-4E2C-8D2B-116CBDB3257F} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {7EB9848E-58EF-48B9-8831-07B57B371BFD} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {8736F159-9E6D-4361-8129-9C14356AF470} - \csrss -> No File <==== ATTENTION
Task: {8F397401-0364-4AF1-BAA8-C5403106E15B} - \Avast TUNEUP Update -> No File <==== ATTENTION
Task: {985A0D63-F100-48C9-BC08-B2892ADB6309} - \NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544} -> No File <==== ATTENTION
Task: {98A422C6-B2C4-4176-BA9D-9EA4E50885A8} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {9B757B8A-87AF-483E-A128-92F929F3DEE7} - \GoogleUpdateTaskMachineCore1d1e9588fa317e2 -> No File <==== ATTENTION
Task: {A2F6985B-356C-4F7B-9A5A-647BE28BBB50} - \{0D59C018-8C18-49B3-A780-1C628D1E0E12} -> No File <==== ATTENTION
Task: {A8A4CD96-7C07-48E8-838C-A6E8AC6F6562} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d -> No File <==== ATTENTION
Task: {AA1C7B07-2A33-4D78-98FD-DDB4534FA72F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B6E77808-0536-427E-8081-C56B45A65A4A} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {BB44684C-0430-46F8-83BC-B64724513A21} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {C3391346-B5B4-4664-8F5D-8A9367CBA8B4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {D228A536-02BB-4476-80BC-F5489040E851} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {DF815079-3F4A-407E-B9FD-8D12C36B18EE} - \{37484A6B-1E93-4B09-8824-B159975CD2F0} -> No File <==== ATTENTION
Task: {E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC} - \{85C2E0D6-54AE-49B6-B305-3B615328D359} -> No File <==== ATTENTION
Task: {F49E4E71-8FCB-49E5-A112-55C83BEC38C2} - \Red Giant Link -> No File <==== ATTENTION
Task: {F5F6BB10-42EF-4495-B5F8-2B9B6940726C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGAAP58X-3cenceWGtBIVbRhcHVj1UNldotJb62g0L_yw9trJJ64ftGovlmZtyL24omEeOErNrGdBefIXfF5T-B9x_Pg,,&q={searchTerms}
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-2595959808-3299349116-3294144044-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGF7O4k6UyCrH9pFBRcYfSlpk-dnFVLKM5AXRS8XjeWEA6ALp1nvTRDr60-FFXkhQphOx3JBWjWBqdloCXatqrH9FKtg,,&q={searchTerms}
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION
R2 FlexGridService; C:\ProgramData\FlexGridService\FlexGridService.exe [1306112 2020-06-29] (Freemake) [File not signed] <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service)
S3 GPU-Z; \??\C:\Users\Dalin\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
NETSVC: SearchIndexer -> no filepath.
C:\Windows\system32\HZhzW9iA8.exe
C:\Program Files\KD786ZTGN8
C:\Program Files\38877I5M78
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUM3D8.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUM7089.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUM15A8.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUM5D5B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUM614.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUM266A.tmp
C:\Program Files (x86)\GUTC783.tmp
c:\Program Files (x86)\GUMC773.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUMC400.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUM2819.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Program Files (x86)\GUMEF95.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUM2F0F.tmp
C:\Program Files (x86)\GUM61AD.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUM8C21.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUM6376.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUMCC9.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUMC191.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUM3B5C.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUMCCCC.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUM6C21.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUT5D1.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUT9F8E.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUTC783.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Temp:5A775C3F [372]
FirewallRules: [{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{A19E4996-2DD1-43E1-BE80-5853C17C0672}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [{53A8731A-4903-45E3-ADB7-26391FEC8399}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E300B854-B466-4F23-BB22-F64D22175388}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{610C6410-7D76-4C30-9FCF-50F851C26A0B}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{ECD811C4-0F7E-433E-97F1-BC0361083953}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{4DECE51C-6FB3-400F-A3F3-1759809F20A2}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E5007A5A-CA6A-4511-A876-91260593A819}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 18:51
od dulen.dulen
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by Dalin (01-07-2020 19:29:41) Run:1
Running from C:\Users\Dalin\Desktop
Loaded Profiles: Dalin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Run: [Srv] => C:\Users\Dalin\AppData\Roaming\taskhost.exe [47104 2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {0bbeb6cd-6a52-11e7-afad-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e4e2025-46ba-11e7-b721-bc77370d2fa4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {7e840e56-2e6e-11e2-94b0-bc77370d2fa4} - F:\CrossLink.exe
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\...\MountPoints2: {a5aebb30-e4b9-11e1-ba33-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe [2018-03-24] (Microsoft Corporation) [File not signed] <==== ATTENTION
Startup: C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk [2020-07-01]
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05C1772D-7F20-41CA-A302-92D502928DE2} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {152EE6E2-89F8-4648-938D-3FEC2D04C3CF} - \AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin -> No File <==== ATTENTION
Task: {1F24E4A3-9637-46EA-8E5F-2D50D8FAA586} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088 -> No File <==== ATTENTION
Task: {2027495C-5F94-4D29-9A76-4237D820539A} - \{352F8712-E510-440D-86D0-1442F8C17FD2} -> No File <==== ATTENTION
Task: {29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355} - \GoogleUpdateTaskMachineUA1d1e95890c83b3c -> No File <==== ATTENTION
Task: {29D306C1-D54B-48CB-AE25-961ECD39F281} - \{451BE33B-9BE7-4D55-9386-C04D225300A7} -> No File <==== ATTENTION
Task: {2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C} - \MicrosoftEdgeUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {35891521-9EC8-4B89-8808-839D4DDC88F5} - \CCleaner Update -> No File <==== ATTENTION
Task: {46B23593-C74F-45E3-8A47-9EF2E3E4C57D} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {53C422FC-BFDC-4E9C-B57B-F93725C57D75} - \DivXUpdate -> No File <==== ATTENTION
Task: {588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {5F509C03-981C-447B-8FB6-FA248707E0DE} - \avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000 -> No File <==== ATTENTION
Task: {6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F} - \Opera scheduled Autoupdate 1593514112 -> No File <==== ATTENTION
Task: {6FE883BE-4446-4E2C-8D2B-116CBDB3257F} - \MicrosoftEdgeUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {7EB9848E-58EF-48B9-8831-07B57B371BFD} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {8736F159-9E6D-4361-8129-9C14356AF470} - \csrss -> No File <==== ATTENTION
Task: {8F397401-0364-4AF1-BAA8-C5403106E15B} - \Avast TUNEUP Update -> No File <==== ATTENTION
Task: {985A0D63-F100-48C9-BC08-B2892ADB6309} - \NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544} -> No File <==== ATTENTION
Task: {98A422C6-B2C4-4176-BA9D-9EA4E50885A8} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {9B757B8A-87AF-483E-A128-92F929F3DEE7} - \GoogleUpdateTaskMachineCore1d1e9588fa317e2 -> No File <==== ATTENTION
Task: {A2F6985B-356C-4F7B-9A5A-647BE28BBB50} - \{0D59C018-8C18-49B3-A780-1C628D1E0E12} -> No File <==== ATTENTION
Task: {A8A4CD96-7C07-48E8-838C-A6E8AC6F6562} - \DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d -> No File <==== ATTENTION
Task: {AA1C7B07-2A33-4D78-98FD-DDB4534FA72F} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B6E77808-0536-427E-8081-C56B45A65A4A} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {BB44684C-0430-46F8-83BC-B64724513A21} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {C3391346-B5B4-4664-8F5D-8A9367CBA8B4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD} - \AdobeGCInvoker-1.0 -> No File <==== ATTENTION
Task: {D228A536-02BB-4476-80BC-F5489040E851} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {DF815079-3F4A-407E-B9FD-8D12C36B18EE} - \{37484A6B-1E93-4B09-8824-B159975CD2F0} -> No File <==== ATTENTION
Task: {E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC} - \{85C2E0D6-54AE-49B6-B305-3B615328D359} -> No File <==== ATTENTION
Task: {F49E4E71-8FCB-49E5-A112-55C83BEC38C2} - \Red Giant Link -> No File <==== ATTENTION
Task: {F5F6BB10-42EF-4495-B5F8-2B9B6940726C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGAAP58X-3cenceWGtBIVbRhcHVj1UNldotJb62g0L_yw9trJJ64ftGovlmZtyL24omEeOErNrGdBefIXfF5T-B9x_Pg,,&q={searchTerms}
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2595959808-3299349116-3294144044-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Edge HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJKoZcIHK9EjzTSBz1Gh0S-Mspp4bD8e4n7wHl9I0LbTsTImMdDpCpGOz59zB_deVOUOdSEtoBjLhn3Y74TcNq0-69iOQ,,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-2595959808-3299349116-3294144044-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN-2kkRkOz2F0hKTkxJLwEPLm2WYUvsJ7WzFpFSkqcHm4Oj6U5AZZMJ3FvOzZUcnOP1xvJy527Uhr3_WOuWTWpWSGEXJGF7O4k6UyCrH9pFBRcYfSlpk-dnFVLKM5AXRS8XjeWEA6ALp1nvTRDr60-FFXkhQphOx3JBWjWBqdloCXatqrH9FKtg,,&q={searchTerms}
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION
R2 FlexGridService; C:\ProgramData\FlexGridService\FlexGridService.exe [1306112 2020-06-29] (Freemake) [File not signed] <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service)
S3 GPU-Z; \??\C:\Users\Dalin\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
NETSVC: SearchIndexer -> no filepath.
C:\Windows\system32\HZhzW9iA8.exe
C:\Program Files\KD786ZTGN8
C:\Program Files\38877I5M78
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUM3D8.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUM7089.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUM15A8.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUM5D5B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUM614.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUM266A.tmp
C:\Program Files (x86)\GUTC783.tmp
c:\Program Files (x86)\GUMC773.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUMC400.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUM2819.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Program Files (x86)\GUMEF95.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUM2F0F.tmp
C:\Program Files (x86)\GUM61AD.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUM8C21.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUM6376.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUMCC9.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUMC191.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUM3B5C.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUMCCCC.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUM6C21.tmp
C:\Program Files (x86)\GUT15A9.tmp
C:\Program Files (x86)\GUT266B.tmp
C:\Program Files (x86)\GUT2878.tmp
C:\Program Files (x86)\GUT2F10.tmp
C:\Program Files (x86)\GUT3B5D.tmp
C:\Program Files (x86)\GUT3D9.tmp
C:\Program Files (x86)\GUT5D1.tmp
C:\Program Files (x86)\GUT5D7B.tmp
C:\Program Files (x86)\GUT615.tmp
C:\Program Files (x86)\GUT61AE.tmp
C:\Program Files (x86)\GUT6377.tmp
C:\Program Files (x86)\GUT6C22.tmp
C:\Program Files (x86)\GUT708A.tmp
C:\Program Files (x86)\GUT8C22.tmp
C:\Program Files (x86)\GUT9F8E.tmp
C:\Program Files (x86)\GUTC1A2.tmp
C:\Program Files (x86)\GUTC401.tmp
C:\Program Files (x86)\GUTC783.tmp
C:\Program Files (x86)\GUTCCA.tmp
C:\Program Files (x86)\GUTCCDD.tmp
C:\Program Files (x86)\GUTEF96.tmp
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Temp:5A775C3F [372]
FirewallRules: [{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{A19E4996-2DD1-43E1-BE80-5853C17C0672}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Allow) C:\program files (x86)\samsung\easy document creator\edc.exe => No File
FirewallRules: [{53A8731A-4903-45E3-ADB7-26391FEC8399}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E300B854-B466-4F23-BB22-F64D22175388}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{610C6410-7D76-4C30-9FCF-50F851C26A0B}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{ECD811C4-0F7E-433E-97F1-BC0361083953}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File
FirewallRules: [{4DECE51C-6FB3-400F-A3F3-1759809F20A2}] => (Allow) C:\Windows\rss\csrss.exe => No File
FirewallRules: [{E5007A5A-CA6A-4511-A876-91260593A819}] => (Allow) C:\Users\Dalin\AppData\Roaming\641ca7643cfa\641ca7643cfa\641ca7643cfa.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Srv" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bbeb6cd-6a52-11e7-afad-806e6f6e6963} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4e2025-46ba-11e7-b721-bc77370d2fa4} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e840e56-2e6e-11e2-94b0-bc77370d2fa4} => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5aebb30-e4b9-11e1-ba33-806e6f6e6963} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => removed successfully
C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost.exe => moved successfully
C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwjsiccc.lnk => moved successfully
ShortcutAndArgument: uwjsiccc.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\Dalin\AppData\Roaming\Microsoft\Windows\uwjsiccc\agbgbbsj.exe" => Error: No automatic fix found for this entry.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C1772D-7F20-41CA-A302-92D502928DE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C1772D-7F20-41CA-A302-92D502928DE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0F820A-DCB9-47D8-88FB-7F6E9BF635F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{152EE6E2-89F8-4648-938D-3FEC2D04C3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{152EE6E2-89F8-4648-938D-3FEC2D04C3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Dalin-Ntb-Dalin" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F24E4A3-9637-46EA-8E5F-2D50D8FAA586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F24E4A3-9637-46EA-8E5F-2D50D8FAA586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000Core1d2371b2bca5088" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2027495C-5F94-4D29-9A76-4237D820539A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2027495C-5F94-4D29-9A76-4237D820539A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{352F8712-E510-440D-86D0-1442F8C17FD2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C7B8F9-E5E0-4918-8C2E-D8A3BD6AF355}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d1e95890c83b3c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D306C1-D54B-48CB-AE25-961ECD39F281}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D306C1-D54B-48CB-AE25-961ECD39F281}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{451BE33B-9BE7-4D55-9386-C04D225300A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A4B56E4-5606-4A4D-8779-ECD4E7E14F0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{35891521-9EC8-4B89-8808-839D4DDC88F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35891521-9EC8-4B89-8808-839D4DDC88F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46B23593-C74F-45E3-8A47-9EF2E3E4C57D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B23593-C74F-45E3-8A47-9EF2E3E4C57D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53C422FC-BFDC-4E9C-B57B-F93725C57D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53C422FC-BFDC-4E9C-B57B-F93725C57D75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DivXUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{588DACD0-2EC1-4EEB-AAFA-9EF0F9423F8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F509C03-981C-447B-8FB6-FA248707E0DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F509C03-981C-447B-8FB6-FA248707E0DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2595959808-3299349116-3294144044-1000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6112626D-C51C-4FC9-8C0C-2CF43CB0FB9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1593514112" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FE883BE-4446-4E2C-8D2B-116CBDB3257F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FE883BE-4446-4E2C-8D2B-116CBDB3257F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EB9848E-58EF-48B9-8831-07B57B371BFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EB9848E-58EF-48B9-8831-07B57B371BFD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8736F159-9E6D-4361-8129-9C14356AF470}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8736F159-9E6D-4361-8129-9C14356AF470}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\csrss" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8F397401-0364-4AF1-BAA8-C5403106E15B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F397401-0364-4AF1-BAA8-C5403106E15B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast TUNEUP Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{985A0D63-F100-48C9-BC08-B2892ADB6309}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{985A0D63-F100-48C9-BC08-B2892ADB6309}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98A422C6-B2C4-4176-BA9D-9EA4E50885A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98A422C6-B2C4-4176-BA9D-9EA4E50885A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B757B8A-87AF-483E-A128-92F929F3DEE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B757B8A-87AF-483E-A128-92F929F3DEE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d1e9588fa317e2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2F6985B-356C-4F7B-9A5A-647BE28BBB50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2F6985B-356C-4F7B-9A5A-647BE28BBB50}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0D59C018-8C18-49B3-A780-1C628D1E0E12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8A4CD96-7C07-48E8-838C-A6E8AC6F6562}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A4CD96-7C07-48E8-838C-A6E8AC6F6562}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2595959808-3299349116-3294144044-1000UA1d2371b2e7ad49d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AA1C7B07-2A33-4D78-98FD-DDB4534FA72F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1C7B07-2A33-4D78-98FD-DDB4534FA72F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6E77808-0536-427E-8081-C56B45A65A4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E77808-0536-427E-8081-C56B45A65A4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB44684C-0430-46F8-83BC-B64724513A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB44684C-0430-46F8-83BC-B64724513A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 711520318" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3391346-B5B4-4664-8F5D-8A9367CBA8B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3391346-B5B4-4664-8F5D-8A9367CBA8B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1AFECBD-8D74-46D8-A8DC-A2FCA8F162AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D228A536-02BB-4476-80BC-F5489040E851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D228A536-02BB-4476-80BC-F5489040E851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF815079-3F4A-407E-B9FD-8D12C36B18EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF815079-3F4A-407E-B9FD-8D12C36B18EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37484A6B-1E93-4B09-8824-B159975CD2F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6709CD2-03DF-4BE5-BBA1-0AE7FC22A5AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{85C2E0D6-54AE-49B6-B305-3B615328D359}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F49E4E71-8FCB-49E5-A112-55C83BEC38C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F49E4E71-8FCB-49E5-A112-55C83BEC38C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Red Giant Link" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5F6BB10-42EF-4495-B5F8-2B9B6940726C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5F6BB10-42EF-4495-B5F8-2B9B6940726C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
HKLM\Software\Classes\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}" => removed successfully
"HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
"Edge HomePage" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKU\S-1-5-21-2595959808-3299349116-3294144044-1000\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
"C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll" => not found
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\FlexGridService => removed successfully
FlexGridService => service removed successfully
HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf16712.sys [6559120 2020-06-29] (Access Denied) [File not signed] <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\GPU-Z => removed successfully
GPU-Z => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs SearchIndexer could not remove.
C:\Windows\system32\HZhzW9iA8.exe => moved successfully
C:\Program Files\KD786ZTGN8 => moved successfully
C:\Program Files\38877I5M78 => moved successfully
C:\Users\Dalin\AppData\Local\5aec903c-eb4f-452b-a156-683306e332b1 => moved successfully
C:\Program Files (x86)\GUT3D9.tmp => moved successfully
C:\Program Files (x86)\GUM3D8.tmp => moved successfully
C:\Program Files (x86)\GUT708A.tmp => moved successfully
C:\Program Files (x86)\GUM7089.tmp => moved successfully
C:\Program Files (x86)\GUT15A9.tmp => moved successfully
C:\Program Files (x86)\GUM15A8.tmp => moved successfully
C:\Program Files (x86)\GUT5D7B.tmp => moved successfully
C:\Program Files (x86)\GUM5D5B.tmp => moved successfully
C:\Program Files (x86)\GUT615.tmp => moved successfully
C:\Program Files (x86)\GUM614.tmp => moved successfully
C:\Program Files (x86)\GUT266B.tmp => moved successfully
C:\Program Files (x86)\GUM266A.tmp => moved successfully
C:\Program Files (x86)\GUTC783.tmp => moved successfully
c:\Program Files (x86)\GUMC773.tmp => moved successfully
C:\Program Files (x86)\GUTC401.tmp => moved successfully
C:\Program Files (x86)\GUMC400.tmp => moved successfully
C:\Program Files (x86)\GUT2878.tmp => moved successfully
C:\Program Files (x86)\GUM2819.tmp => moved successfully
C:\Program Files (x86)\GUTEF96.tmp => moved successfully
C:\Program Files (x86)\GUMEF95.tmp => moved successfully
C:\Program Files (x86)\GUT2F10.tmp => moved successfully
C:\Program Files (x86)\GUM2F0F.tmp => moved successfully
C:\Program Files (x86)\GUM61AD.tmp => moved successfully
C:\Program Files (x86)\GUT61AE.tmp => moved successfully
C:\Program Files (x86)\GUT8C22.tmp => moved successfully
C:\Program Files (x86)\GUM8C21.tmp => moved successfully
C:\Program Files (x86)\GUT6377.tmp => moved successfully
C:\Program Files (x86)\GUM6376.tmp => moved successfully
C:\Program Files (x86)\GUTCCA.tmp => moved successfully
C:\Program Files (x86)\GUMCC9.tmp => moved successfully
C:\Program Files (x86)\GUTC1A2.tmp => moved successfully
C:\Program Files (x86)\GUMC191.tmp => moved successfully
C:\Program Files (x86)\GUT3B5D.tmp => moved successfully
C:\Program Files (x86)\GUM3B5C.tmp => moved successfully
C:\Program Files (x86)\GUTCCDD.tmp => moved successfully
C:\Program Files (x86)\GUMCCCC.tmp => moved successfully
C:\Program Files (x86)\GUT6C22.tmp => moved successfully
C:\Program Files (x86)\GUM6C21.tmp => moved successfully
"C:\Program Files (x86)\GUT15A9.tmp" => not found
"C:\Program Files (x86)\GUT266B.tmp" => not found
"C:\Program Files (x86)\GUT2878.tmp" => not found
"C:\Program Files (x86)\GUT2F10.tmp" => not found
"C:\Program Files (x86)\GUT3B5D.tmp" => not found
"C:\Program Files (x86)\GUT3D9.tmp" => not found
C:\Program Files (x86)\GUT5D1.tmp => moved successfully
"C:\Program Files (x86)\GUT5D7B.tmp" => not found
"C:\Program Files (x86)\GUT615.tmp" => not found
"C:\Program Files (x86)\GUT61AE.tmp" => not found
"C:\Program Files (x86)\GUT6377.tmp" => not found
"C:\Program Files (x86)\GUT6C22.tmp" => not found
"C:\Program Files (x86)\GUT708A.tmp" => not found
"C:\Program Files (x86)\GUT8C22.tmp" => not found
C:\Program Files (x86)\GUT9F8E.tmp => moved successfully
"C:\Program Files (x86)\GUTC1A2.tmp" => not found
"C:\Program Files (x86)\GUTC401.tmp" => not found
"C:\Program Files (x86)\GUTC783.tmp" => not found
"C:\Program Files (x86)\GUTCCA.tmp" => not found
"C:\Program Files (x86)\GUTCCDD.tmp" => not found
"C:\Program Files (x86)\GUTEF96.tmp" => not found
C:\Users\Dalin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\ProgramData\Temp => ":5A775C3F" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61727AC4-8C5A-42A1-BB29-F9EF3B12DAF7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A19E4996-2DD1-43E1-BE80-5853C17C0672}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{583710E9-0A26-4CFC-84F7-9C81B6329728}C:\program files (x86)\samsung\easy document creator\edc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B750D9A8-A8A1-409A-8943-D744A7853A39}C:\program files (x86)\samsung\easy document creator\edc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53A8731A-4903-45E3-ADB7-26391FEC8399}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E300B854-B466-4F23-BB22-F64D22175388}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{610C6410-7D76-4C30-9FCF-50F851C26A0B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3AFB193F-DE0D-4D98-BEDD-361ABE3C2361}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAE9F45D-4B21-4B6E-AED7-6F2D680C8994}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECD811C4-0F7E-433E-97F1-BC0361083953}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47EEBF3-E1F2-451C-BF95-C758BA317EB6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DECE51C-6FB3-400F-A3F3-1759809F20A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5007A5A-CA6A-4511-A876-91260593A819}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9286593 B
Java, Flash, Steam htmlcache => 958988 B
Windows/system/drivers => 17115299 B
Edge => 0 B
Chrome => 3670576 B
Firefox => 618104039 B
Opera => 60339008 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42351741 B
systemprofile32 => 46271426 B
LocalService => 46403670 B
NetworkService => 46475208 B
Dalin => 894214089 B
UpdatusUser => 894214089 B

RecycleBin => 2131 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:30:31 ====

Re: hrozně zpomalený NTB W10

Napsal: 01 črc 2020 19:54
od Rudy
Smazáno. Nastala nějaká změna?

Re: hrozně zpomalený NTB W10

Napsal: 02 črc 2020 00:56
od dulen.dulen
Stroj se výrazne zrychlil, ale zničeho nic mně nefunguje volna diakritika ( třeba Ň/ň)

Re: hrozně zpomalený NTB W10

Napsal: 02 črc 2020 09:31
od Rudy
To je divné, nic z systémových ovladačů jsem nemazal. Zkuste přes příkazový řádek příkazem:
sfc /scannow
spustit kontrolu a případnou opravu systémových souborů. PC byl poměrně hodně zaneřáděn, takže je možné, že byl poškozen systém.

Re: hrozně zpomalený NTB W10

Napsal: 02 črc 2020 13:51
od dulen.dulen
tohle s toho vypadlo:

Re: hrozně zpomalený NTB W10

Napsal: 02 črc 2020 13:54
od Rudy
Nějaké chyby to našlo, důležité je , co bylo opraveno a zda to pomohlo.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz