Fix result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Samsung (11-09-2020 13:02:41) Run:1
Running from D:\Downloads
Loaded Profiles: Samsung
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\...\MountPoints2: {1eb36e77-225d-11ea-af4d-8a38d1b65448} - F:\SDI_auto.bat
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\...\MountPoints2: {3de9e819-7e3f-11ea-9de9-e811327012ce} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\...\MountPoints2: {4b22101b-61cb-11ea-86e8-e811327012ce} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\...\MountPoints2: {6023e2b0-2807-11ea-a8dc-e811327012ce} - F:\HiSuiteDownLoader.exe
CHR HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ldgpjdiadomhinpimgchmeembbgojnjk]
2020-09-10 19:40 - 2020-09-11 09:54 - 011431936 _____ C:\ProgramData\temp5.exe
2020-09-10 13:59 - 2020-09-11 12:29 - 000000000 __SHD C:\ProgramData\Windows
2020-09-10 13:58 - 2020-09-11 12:29 - 000000000 ___HD C:\Program Files\RDP Wrapper
2020-09-10 13:58 - 2020-09-10 13:58 - 000210944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-09-10 13:47 - 2020-09-11 09:54 - 000000000 __SHD C:\ProgramData\RunDLL
2020-09-10 13:47 - 2020-09-11 09:23 - 000000000 __SHD C:\ProgramData\WindowsTask
2020-09-10 13:47 - 2020-09-10 15:46 - 000000000 __SHD C:\ProgramData\Setup
2020-09-10 13:47 - 2020-09-10 13:59 - 000000000 __SHD C:\ProgramData\install
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\Norton
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\McAfee
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\Kaspersky Lab Setup Files
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\Kaspersky Lab
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\grizzly
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\ESET
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\Doctor Web
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\AVAST Software
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\ProgramData\360safe
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\SpyHunter
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\Malwarebytes
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\Kaspersky Lab
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\ESET
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\Enigma Software Group
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\COMODO
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\Common Files\McAfee
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\Cezurity
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\ByteFence
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\AVG
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files\AVAST Software
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\SpyHunter
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\Microsoft JDX
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\Kaspersky Lab
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\GRIZZLY Antivirus
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\Cezurity
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\AVG
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\AVAST Software
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\Program Files (x86)\360
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\KVRT_Data
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 __SHD C:\AdwCleaner
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\Windows\speechstracing
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\ProgramData\System32
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\ProgramData\MB3Install
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\ProgramData\Indus
2020-09-10 13:47 - 2020-09-10 13:47 - 000000000 ____D C:\ProgramData\Avira
2020-08-18 09:24 - 2017-12-27 22:20 - 001460224 _____ (Stas'M Corp.) C:\ProgramData\RDPWinst.exe
FirewallRules: [{512D656D-7EC4-4095-8FAA-28F855634AE0}] => (Block) LPort=139
FirewallRules: [{4378EA10-4469-40EB-97B1-B8BE88E9C382}] => (Block) LPort=445
FirewallRules: [{A499BC8E-3EE0-42CC-BA7F-4CA51E1D95F6}] => (Block) LPort=445
FirewallRules: [{8C5F3729-0CC6-4D15-AF0B-5F7CB81E8148}] => (Block) LPort=139
FirewallRules: [{60EE6366-9558-4CFC-8FC3-93DD0727C2B3}] => (Allow) LPort=3389
FirewallRules: [{805B6AE7-2A18-4CB6-95AA-A59AC6CCF9F8}] => (Allow) C:\ProgramData\Windows\rutserv.exe => No File
CMD: net user john /delete
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
EmptyTemp:
Reboot:
*****************

Error: (0) Failed to create a restore point.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1eb36e77-225d-11ea-af4d-8a38d1b65448} => removed successfully
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3de9e819-7e3f-11ea-9de9-e811327012ce} => removed successfully
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b22101b-61cb-11ea-86e8-e811327012ce} => removed successfully
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6023e2b0-2807-11ea-a8dc-e811327012ce} => removed successfully
HKU\S-1-5-21-2789528202-2806050775-268277386-1000\SOFTWARE\Google\Chrome\Extensions\ldgpjdiadomhinpimgchmeembbgojnjk => removed successfully
C:\ProgramData\temp5.exe => moved successfully
C:\ProgramData\Windows => moved successfully
C:\Program Files\RDP Wrapper => moved successfully
C:\Windows\system32\rdpclip.exe => moved successfully
C:\ProgramData\RunDLL => moved successfully
C:\ProgramData\WindowsTask => moved successfully
C:\ProgramData\Setup => moved successfully
C:\ProgramData\install => moved successfully
C:\ProgramData\Norton => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\ProgramData\Kaspersky Lab Setup Files => moved successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\ProgramData\grizzly => moved successfully
C:\ProgramData\ESET => moved successfully
C:\ProgramData\Doctor Web => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\ProgramData\360safe => moved successfully
C:\Program Files\SpyHunter => moved successfully
C:\Program Files\Malwarebytes => moved successfully
C:\Program Files\Kaspersky Lab => moved successfully
C:\Program Files\ESET => moved successfully
C:\Program Files\Enigma Software Group => moved successfully
C:\Program Files\COMODO => moved successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\Program Files\Cezurity => moved successfully
C:\Program Files\ByteFence => moved successfully
C:\Program Files\AVG => moved successfully
C:\Program Files\AVAST Software => moved successfully
C:\Program Files (x86)\SpyHunter => moved successfully
C:\Program Files (x86)\Panda Security => moved successfully
C:\Program Files (x86)\Microsoft JDX => moved successfully
C:\Program Files (x86)\Kaspersky Lab => moved successfully
C:\Program Files (x86)\GRIZZLY Antivirus => moved successfully
C:\Program Files (x86)\Cezurity => moved successfully
C:\Program Files (x86)\AVG => moved successfully
C:\Program Files (x86)\AVAST Software => moved successfully
C:\Program Files (x86)\360 => moved successfully
C:\KVRT_Data => moved successfully
C:\AdwCleaner => moved successfully
C:\Windows\speechstracing => moved successfully
C:\ProgramData\System32 => moved successfully
C:\ProgramData\MB3Install => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\ProgramData\Indus => moved successfully
C:\ProgramData\Avira => moved successfully
C:\ProgramData\RDPWinst.exe => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{512D656D-7EC4-4095-8FAA-28F855634AE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4378EA10-4469-40EB-97B1-B8BE88E9C382}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A499BC8E-3EE0-42CC-BA7F-4CA51E1D95F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C5F3729-0CC6-4D15-AF0B-5F7CB81E8148}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60EE6366-9558-4CFC-8FC3-93DD0727C2B3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{805B6AE7-2A18-4CB6-95AA-A59AC6CCF9F8}" => removed successfully

========= net user john /delete =========

The command completed successfully.

========= End of CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]

=== End of ExportKey ===

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52494109 B
Java, Flash, Steam htmlcache => 57659715 B
Windows/system/drivers => 11823 B
Edge => 0 B
Chrome => 6628982660 B
Firefox => 43774 B
Opera => 5564061 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 150385 B
systemprofile32 => 216613 B
LocalService => 348857 B
NetworkService => 22632004 B
Samsung => 85944754 B
вилена => 86746835 B
Гость => 86916283 B

RecycleBin => 208055824 B
EmptyTemp: => 6.7 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:03:20 ====