VIRY.CZ

Prosím o kontrolu - svchost zatěžuje CPU 100%

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2017
Ran by Pavel (administrator) on PAVEL-PC (01-03-2017 16:20:20)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\Pavel\AppData\Local\MSGBOX.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [MobileBroadband] => C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [69632 2012-03-20] (Vodafone)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2016-01-05] (AVAST Software)
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\...\Run: [BackgroundContainerV3] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Pavel\AppData\Local\Cctbplt\BackgroundContainer\BackgroundContainer.dll",DllRun
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-03-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{7096B482-7DE7-4D97-AA21-D5E4E790AAF5}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{89C30454-F1C6-46C9-A760-B2DA414C3551}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
URLSearchHook: HKLM - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=G3A0B1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {5549F1BE-1CC0-4E67-843D-89D71D093C78} URL = hxxp://www.search.ask.com/web?tpid=ORJ&o=10000 ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-16] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default [2017-03-01]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\z4qsz8b0.default -> about:newtab
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default\searchplugins\askcom.xml [2013-01-28]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default\searchplugins\google-avast.xml [2017-02-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-18] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [not signed]
FF HKU\S-1-5-21-390029833-3256150690-2021033676-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2012-03-18] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-05]
CHR Extension: (Dokumenty Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-05]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (Tabulky Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-01]
CHR Extension: (Avast Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2012-03-20] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-27] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2016-01-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2016-01-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-27] (AVAST Software)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2012-03-16] (Huawei Technologies Co., Ltd.)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [100736 2009-07-23] (Huawei Technologies Co., Ltd.)
R3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2595840 2007-03-07] (Intel® Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Pavel\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 16:20 - 2017-03-01 16:24 - 00015526 _____ C:\Users\Pavel\Desktop\FRST.txt
2017-03-01 16:19 - 2017-03-01 16:20 - 00000000 ____D C:\FRST
2017-03-01 16:19 - 2017-03-01 16:19 - 00015327 _____ C:\Users\Pavel\Desktop\LM.bat
2017-03-01 16:17 - 2017-03-01 16:17 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2017-03-01 16:09 - 2017-03-01 16:10 - 01765888 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2017-03-01 15:53 - 2017-03-01 15:59 - 00000000 ___SD C:\ComboFix
2017-03-01 15:19 - 2017-03-01 15:47 - 00201284 _____ C:\Windows\ntbtlog.txt
2017-02-28 15:53 - 2017-03-01 15:56 - 00000000 ____D C:\Qoobox
2017-02-28 15:53 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-02-28 15:53 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-02-28 15:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-02-28 15:10 - 2017-03-01 15:32 - 00000000 ____D C:\Windows\erdnt
2017-02-28 15:06 - 2017-02-28 15:05 - 05660168 ____R (Swearware) C:\Users\Pavel\Desktop\ComboFix.exe
2017-02-28 14:35 - 2017-02-28 14:35 - 00000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-28 14:35 - 2017-02-28 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-28 14:35 - 2017-02-28 14:35 - 00000000 ____D C:\Program Files\CCleaner
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\Program Files\CleanUp!
2017-02-28 14:06 - 2017-02-28 13:34 - 00339257 _____ C:\Users\Pavel\Desktop\CleanUp452.exe
2017-02-28 13:47 - 2017-02-28 13:47 - 00007605 _____ C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 16:24 - 2012-03-18 18:41 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-01 16:24 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-01 16:23 - 2009-07-14 05:53 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-01 16:08 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-01 16:08 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-01 15:43 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-03-01 14:55 - 2012-03-18 18:41 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-02-28 15:57 - 2011-04-12 02:37 - 00668890 _____ C:\Windows\system32\perfh005.dat
2017-02-28 15:57 - 2011-04-12 02:37 - 00141518 _____ C:\Windows\system32\perfc005.dat
2017-02-28 15:57 - 2010-11-20 22:01 - 01583642 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-28 15:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-28 14:46 - 2013-03-14 20:25 - 00000000 ____D C:\Windows\Minidump
2017-02-28 14:46 - 2012-03-18 18:06 - 00000000 ____D C:\Windows\Panther
2017-02-28 14:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\ModemLogs
2017-02-28 13:37 - 2012-03-18 18:47 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

==================== Files in the root of some directories =======

2014-11-22 18:59 - 2014-11-22 18:59 - 6000640 _____ () C:\Program Files\GUT9FCC.tmp
2015-09-17 15:19 - 2015-09-17 15:19 - 6420480 _____ () C:\Program Files\GUTC7D3.tmp
2016-10-05 15:20 - 2016-10-05 15:20 - 7065600 _____ () C:\Program Files\GUTCF3C.tmp
2012-08-19 17:15 - 2012-08-19 17:15 - 0004096 ____H () C:\Users\Pavel\AppData\Local\keyfile3.drm
2017-02-28 13:47 - 2017-02-28 13:47 - 0007605 _____ () C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg
2012-03-16 13:55 - 2012-03-16 13:55 - 0286678 ____R () C:\ProgramData\DeviceManager.xml.rc4
2012-03-18 19:36 - 2012-03-20 10:06 - 0001295 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-04 21:35

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.044 - Log vytvořen 01/03/2017 v 20:05:01
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : Pavel - PAVEL-PC
# Spuštěno z : C:\Users\Pavel\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka smazána: C:\Users\Pavel\AppData\Local\Conduit
[-] Složka smazána: C:\Users\Pavel\AppData\Local\Cctbplt
[-] Složka smazána: C:\Users\Pavel\AppData\LocalLow\BS_Player
[-] Složka smazána: C:\Users\Pavel\AppData\LocalLow\Conduit
[-] Složka smazána: C:\Users\Pavel\AppData\LocalLow\HPAppData
[-] Složka smazána: C:\ProgramData\apn
[-] Složka smazána: C:\ProgramData\Ask
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Ask
[-] Složka smazána: C:\Program Files\Conduit

***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Pavel\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč smazán: HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Klíč smazán: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\BackgroundContainer
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Tbccint_HKLM
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\AppDataLow\Toolbar
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\AppDataLow\Software\Conduit
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Klíč smazán po restartu: HKCU\Software\BackgroundContainer
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Tbccint_HKLM
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5549F1BE-1CC0-4E67-843D-89D71D093C78}
[-] Klíč smazán: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5549F1BE-1CC0-4E67-843D-89D71D093C78}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Hodnota smazána: HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV3]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV3]
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4813 Bajty] - [01/03/2017 20:05:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [4908 Bajty] - [01/03/2017 19:54:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4959 Bajty] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2017
Ran by Pavel (administrator) on PAVEL-PC (01-03-2017 21:41:04)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2016-01-05] (AVAST Software)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-03-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.195.165.131 192.168.21.3
Tcpip\..\Interfaces\{7096B482-7DE7-4D97-AA21-D5E4E790AAF5}: [DhcpNameServer] 217.195.165.131 192.168.21.3
Tcpip\..\Interfaces\{89C30454-F1C6-46C9-A760-B2DA414C3551}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-16] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default [2017-03-01]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\z4qsz8b0.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\z4qsz8b0.default -> about:newtab
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default\searchplugins\askcom.xml [2013-01-28]
FF SearchPlugin: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\z4qsz8b0.default\searchplugins\google-avast.xml [2017-02-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-18] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [not signed]
FF HKU\S-1-5-21-390029833-3256150690-2021033676-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2012-03-18] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-08-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Prezentace Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-05]
CHR Extension: (Dokumenty Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-05]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24]
CHR Extension: (Tabulky Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-01]
CHR Extension: (Avast Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-27] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2016-01-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2016-01-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-27] (AVAST Software)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2012-03-16] (Huawei Technologies Co., Ltd.)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [100736 2009-07-23] (Huawei Technologies Co., Ltd.)
R3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2595840 2007-03-07] (Intel® Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Pavel\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 Tosrfcom; no ImagePath
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 21:41 - 2017-03-01 21:51 - 00014272 _____ C:\Users\Pavel\Desktop\FRST.txt
2017-03-01 21:40 - 2017-03-01 21:40 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2017-03-01 21:40 - 2017-03-01 21:40 - 00015327 _____ C:\Users\Pavel\Desktop\LM.bat
2017-03-01 21:24 - 2017-03-01 21:24 - 00000000 ____D C:\Windows\system32\MRT
2017-03-01 21:22 - 2017-03-01 21:22 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-01 19:25 - 2017-03-01 20:05 - 00000000 ____D C:\AdwCleaner
2017-03-01 19:23 - 2017-03-01 19:25 - 04031440 _____ C:\Users\Pavel\Desktop\adwcleaner_6.044.exe
2017-03-01 18:01 - 2017-03-01 18:01 - 00000000 ____D C:\Program Files\ATI Technologies
2017-03-01 18:01 - 2017-03-01 18:01 - 00000000 ____D C:\Program Files\ATI
2017-03-01 17:55 - 2017-03-01 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-03-01 17:54 - 2006-11-26 03:09 - 00035968 _____ C:\Windows\system32\Drivers\ativvpxx.vp
2017-03-01 17:54 - 2006-11-26 02:46 - 02085888 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2017-03-01 17:54 - 2006-11-26 02:37 - 00237568 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdlxx.dll
2017-03-01 17:54 - 2006-11-26 02:37 - 00229376 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.dll
2017-03-01 17:54 - 2006-11-26 02:37 - 00221184 _____ (ATI Technologies, Inc.) C:\Windows\system32\Oemdspif.dll
2017-03-01 17:54 - 2006-11-26 02:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2017-03-01 17:54 - 2006-11-26 02:37 - 00042496 _____ (ATI Technologies, Inc.) C:\Windows\system32\ati2edxx.dll
2017-03-01 17:54 - 2006-11-26 02:36 - 00557056 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
2017-03-01 17:54 - 2006-11-26 02:34 - 02494464 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdag.dll
2017-03-01 17:54 - 2006-11-26 02:24 - 03107788 _____ C:\Windows\system32\atiumdva.dat
2017-03-01 17:54 - 2006-11-26 02:24 - 00659968 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdva.dll
2017-03-01 17:54 - 2006-11-26 02:09 - 00049152 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2017-03-01 17:54 - 2006-10-20 15:16 - 00138101 _____ C:\Windows\system32\atiicdxx.dat
2017-03-01 17:54 - 2006-08-24 22:26 - 00328162 _____ C:\Windows\system32\Drivers\ativcaxx.cpa
2017-03-01 17:54 - 2006-08-24 22:26 - 00002096 _____ C:\Windows\system32\Drivers\ativpkxx.vp
2017-03-01 17:54 - 2006-08-24 22:26 - 00002096 _____ C:\Windows\system32\Drivers\ativokxx.vp
2017-03-01 17:54 - 2006-08-24 22:26 - 00002096 _____ C:\Windows\system32\Drivers\ativdkxx.vp
2017-03-01 17:54 - 2006-08-24 22:26 - 00000929 _____ C:\Windows\system32\Drivers\ativcaxx.vp
2017-03-01 17:53 - 2017-03-01 18:57 - 00000000 ____D C:\ATI-Display-Driver
2017-03-01 17:53 - 2017-03-01 17:53 - 00000000 ____D C:\Program Files\Toshiba
2017-03-01 17:34 - 2017-03-01 17:34 - 00000000 ____D C:\Program Files\Intel
2017-03-01 17:34 - 2013-08-21 15:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-03-01 17:32 - 2017-03-01 17:32 - 00000000 ____D C:\Intel
2017-03-01 17:07 - 2017-03-01 17:10 - 00000000 ____D C:\Install
2017-03-01 16:32 - 2017-03-01 16:32 - 00008960 _____ C:\Users\Pavel\Desktop\Addition.rar
2017-03-01 16:19 - 2017-03-01 21:41 - 00000000 ____D C:\FRST
2017-03-01 16:09 - 2017-03-01 16:10 - 01765888 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2017-03-01 15:53 - 2017-03-01 15:59 - 00000000 ___SD C:\ComboFix
2017-03-01 15:19 - 2017-03-01 20:47 - 00396886 _____ C:\Windows\ntbtlog.txt
2017-02-28 15:53 - 2017-03-01 15:56 - 00000000 ____D C:\Qoobox
2017-02-28 15:53 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-02-28 15:53 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-02-28 15:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-02-28 15:53 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-02-28 15:10 - 2017-03-01 15:32 - 00000000 ____D C:\Windows\erdnt
2017-02-28 15:06 - 2017-02-28 15:05 - 05660168 ____R (Swearware) C:\Users\Pavel\Desktop\ComboFix.exe
2017-02-28 14:35 - 2017-02-28 14:35 - 00000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-28 14:35 - 2017-02-28 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-28 14:35 - 2017-02-28 14:35 - 00000000 ____D C:\Program Files\CCleaner
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp!
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp!
2017-02-28 14:15 - 2017-02-28 14:15 - 00000000 ____D C:\Program Files\CleanUp!
2017-02-28 14:06 - 2017-02-28 13:34 - 00339257 _____ C:\Users\Pavel\Desktop\CleanUp452.exe
2017-02-28 13:47 - 2017-02-28 13:47 - 00007605 _____ C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 21:39 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-01 21:39 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-01 21:29 - 2012-03-18 18:41 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-01 21:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-01 21:07 - 2009-07-14 05:53 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-01 21:01 - 2012-03-18 21:42 - 00088240 _____ C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-01 20:46 - 2009-07-14 05:33 - 00357888 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-01 20:42 - 2013-03-15 16:02 - 00000000 ____D C:\ProgramData\Vodafone
2017-03-01 20:26 - 2012-03-18 18:41 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-01 19:26 - 2014-09-29 12:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-01 19:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-03-01 15:43 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-02-28 15:57 - 2011-04-12 02:37 - 00668890 _____ C:\Windows\system32\perfh005.dat
2017-02-28 15:57 - 2011-04-12 02:37 - 00141518 _____ C:\Windows\system32\perfc005.dat
2017-02-28 15:57 - 2010-11-20 22:01 - 01583642 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-28 14:46 - 2013-03-14 20:25 - 00000000 ____D C:\Windows\Minidump
2017-02-28 14:46 - 2012-03-18 18:06 - 00000000 ____D C:\Windows\Panther
2017-02-28 14:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\ModemLogs

==================== Files in the root of some directories =======

2014-11-22 18:59 - 2014-11-22 18:59 - 6000640 _____ () C:\Program Files\GUT9FCC.tmp
2015-09-17 15:19 - 2015-09-17 15:19 - 6420480 _____ () C:\Program Files\GUTC7D3.tmp
2016-10-05 15:20 - 2016-10-05 15:20 - 7065600 _____ () C:\Program Files\GUTCF3C.tmp
2012-08-19 17:15 - 2012-08-19 17:15 - 0004096 ____H () C:\Users\Pavel\AppData\Local\keyfile3.drm
2017-02-28 13:47 - 2017-02-28 13:47 - 0007605 _____ () C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg
2012-03-18 19:36 - 2012-03-20 10:06 - 0001295 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
2017-03-01 19:16 - 2017-03-01 19:16 - 0236352 _____ (Client Connect LTD) C:\Users\Pavel\AppData\Local\Temp\Runner.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-04 21:35

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 Tosrfcom; no ImagePath
C:\Program Files\GUT9FCC.tmp
C:\Program Files\GUTC7D3.tmp
C:\Program Files\GUTCF3C.tmp
C:\Users\Pavel\AppData\Local\Temp
Task: {1309B145-90A2-4CAF-98AA-68427653E7A6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {1CF532DA-DFF9-4C2F-81BB-440F3534C53D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {200F26BB-7CF0-4F19-A482-86D7AF9BA149} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {227EBFE4-B623-4F0E-B980-E6B7F0F7D572} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {294BF420-821F-4F91-83D9-C41CA85C96D2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2D1E0627-0AE3-4BCA-83F2-1450DFCF0F39} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {33796188-0CF4-4166-B5FC-E31D736CDBBA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {365EA543-5918-4045-9043-853D05AFFC65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {46A3F740-0AAB-4E06-A501-7F0AEBBE5235} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-01-16] (Microsoft Corporation) <==== ATTENTION
Task: {4FB6F95C-B734-4480-A4F4-BC4A5F21114C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-28] (AVAST Software) <==== ATTENTION
Task: {4FDC4149-2179-46BD-BE68-CEFCC187DEB3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) <==== ATTENTION
Task: {51E5A6D4-B24B-4353-8C0A-D38CB0578730} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {55E0B0D8-0BA9-4D8E-9D23-6B647755B1E7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {57A8A6A9-6A82-49FD-9E49-7EE4F9B9293B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {5BEDD449-4A4C-4879-94C3-2962B03129E1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {60158C7A-6808-42CD-95EE-AFD9A57925DB} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [2015-10-01] (Microsoft Corporation) <==== ATTENTION
Task: {62454AA3-7A8C-49E5-9453-7DC619771355} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => sc.exe start sppsvc <==== ATTENTION
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {72756296-968E-4AD3-81BD-440E3E5779F9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {75FA689B-EC5A-4DA7-BD94-46DC33F94FC3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {7778FF2B-386B-4A7B-9CC1-C55CC105238F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {7D3C7871-A917-4EF0-82E8-5F0A96423051} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {7EA30C17-670C-4765-903C-44F4E7DC35A6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {8A0C4166-E5FB-48EE-B0A5-3153A556FC23} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {96E568AB-3107-40CA-90F6-F6C45B4BEFDA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {9936023B-0782-483E-960E-C4651EF7C4A5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A231CD7C-102A-4326-B214-39E65A258B5C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A794982F-25AC-4B1C-90FC-138581CEE389} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {ACCFF412-436A-4FE7-AD4C-5F40821B6A67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.) <==== ATTENTION
Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.) <==== ATTENTION
Task: {BAF4C3FC-12F3-46AF-8EED-F13A68491492} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software) <==== ATTENTION
Task: {BD8BC38F-E93B-45FF-9ED3-42DE8BF305E2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {BE70EE8B-7D9C-472C-AD7B-74162857EF30} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {C90440A0-6D8F-423F-8F42-83EEF05CE708} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [2015-10-01] (Microsoft Corporation) <==== ATTENTION
Task: {D05318FF-6B66-4052-A0A1-064EF40E3AC6} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => sc.exe config upnphost start= auto <==== ATTENTION
Task: {D99F9A2B-5C2B-4837-8EA5-1EEC16EC5483} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {DC904171-8994-455B-BBD3-57153F448DC2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {E15E9CD9-7919-47C5-B344-DF85035D7937} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {E5DBF0C8-C782-49C8-8E31-D3F7BFCD2DAE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {E8164C0D-216C-4B6B-9EB8-31BF958B8014} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] () <==== ATTENTION
Task: {E90BCC48-A275-420D-BE4C-4B3E73FC0DC1} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-11-16] (Microsoft Corporation) <==== ATTENTION
Task: {EACD959B-A6B5-4A61-A5CF-B64FAE09BF41} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {EE61842F-26CB-4C22-8E5F-460489EFBF23} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-20] (Microsoft Corporation) <==== ATTENTION
Task: {EF0E7803-F074-46C1-A1EA-5BFE35D6B994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) <==== ATTENTION
Task: {F30BA130-D959-4E20-93B4-8453110ECA5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.) <==== ATTENTION
Task: {F6E7C36E-B622-45C0-AE08-4D4F759BC170} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {FB257308-FC5E-4229-83C3-1173F91D2FFE} - System32\Tasks\{A6808060-47A1-4D76-9DB8-CB36CD3EFC73} => pcalua.exe -a C:\Install\Toshiba\samsung_q1f000_vga_vista\Setup.exe -d C:\Install\Toshiba\samsung_q1f000_vga_vista <==== ATTENTION
Task: {FCD14976-D0FA-4918-8B98-11B6A945CF59} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 01-03-2017 01
Ran by Pavel (03-03-2017 12:09:44) Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-390029833-3256150690-2021033676-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\z4qsz8b0.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 Tosrfcom; no ImagePath
C:\Program Files\GUT9FCC.tmp
C:\Program Files\GUTC7D3.tmp
C:\Program Files\GUTCF3C.tmp
C:\Users\Pavel\AppData\Local\Temp
Task: {1309B145-90A2-4CAF-98AA-68427653E7A6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {1CF532DA-DFF9-4C2F-81BB-440F3534C53D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {200F26BB-7CF0-4F19-A482-86D7AF9BA149} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {227EBFE4-B623-4F0E-B980-E6B7F0F7D572} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {294BF420-821F-4F91-83D9-C41CA85C96D2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {2D1E0627-0AE3-4BCA-83F2-1450DFCF0F39} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {33796188-0CF4-4166-B5FC-E31D736CDBBA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {365EA543-5918-4045-9043-853D05AFFC65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {46A3F740-0AAB-4E06-A501-7F0AEBBE5235} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-01-16] (Microsoft Corporation) <==== ATTENTION
Task: {4FB6F95C-B734-4480-A4F4-BC4A5F21114C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-28] (AVAST Software) <==== ATTENTION
Task: {4FDC4149-2179-46BD-BE68-CEFCC187DEB3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) <==== ATTENTION
Task: {51E5A6D4-B24B-4353-8C0A-D38CB0578730} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {55E0B0D8-0BA9-4D8E-9D23-6B647755B1E7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {57A8A6A9-6A82-49FD-9E49-7EE4F9B9293B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {5BEDD449-4A4C-4879-94C3-2962B03129E1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {60158C7A-6808-42CD-95EE-AFD9A57925DB} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [2015-10-01] (Microsoft Corporation) <==== ATTENTION
Task: {62454AA3-7A8C-49E5-9453-7DC619771355} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => sc.exe start sppsvc <==== ATTENTION
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {72756296-968E-4AD3-81BD-440E3E5779F9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {75FA689B-EC5A-4DA7-BD94-46DC33F94FC3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {7778FF2B-386B-4A7B-9CC1-C55CC105238F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {7D3C7871-A917-4EF0-82E8-5F0A96423051} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {7EA30C17-670C-4765-903C-44F4E7DC35A6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {8A0C4166-E5FB-48EE-B0A5-3153A556FC23} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {96E568AB-3107-40CA-90F6-F6C45B4BEFDA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {9936023B-0782-483E-960E-C4651EF7C4A5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A231CD7C-102A-4326-B214-39E65A258B5C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A794982F-25AC-4B1C-90FC-138581CEE389} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {ACCFF412-436A-4FE7-AD4C-5F40821B6A67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.) <==== ATTENTION
Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.) <==== ATTENTION
Task: {BAF4C3FC-12F3-46AF-8EED-F13A68491492} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software) <==== ATTENTION
Task: {BD8BC38F-E93B-45FF-9ED3-42DE8BF305E2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {BE70EE8B-7D9C-472C-AD7B-74162857EF30} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {C90440A0-6D8F-423F-8F42-83EEF05CE708} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [2015-10-01] (Microsoft Corporation) <==== ATTENTION
Task: {D05318FF-6B66-4052-A0A1-064EF40E3AC6} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => sc.exe config upnphost start= auto <==== ATTENTION
Task: {D99F9A2B-5C2B-4837-8EA5-1EEC16EC5483} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {DC904171-8994-455B-BBD3-57153F448DC2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {E15E9CD9-7919-47C5-B344-DF85035D7937} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {E5DBF0C8-C782-49C8-8E31-D3F7BFCD2DAE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {E8164C0D-216C-4B6B-9EB8-31BF958B8014} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] () <==== ATTENTION
Task: {E90BCC48-A275-420D-BE4C-4B3E73FC0DC1} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-11-16] (Microsoft Corporation) <==== ATTENTION
Task: {EACD959B-A6B5-4A61-A5CF-B64FAE09BF41} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {EE61842F-26CB-4C22-8E5F-460489EFBF23} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-20] (Microsoft Corporation) <==== ATTENTION
Task: {EF0E7803-F074-46C1-A1EA-5BFE35D6B994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) <==== ATTENTION
Task: {F30BA130-D959-4E20-93B4-8453110ECA5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.) <==== ATTENTION
Task: {F6E7C36E-B622-45C0-AE08-4D4F759BC170} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-12-08] (Microsoft Corporation) <==== ATTENTION
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {FB257308-FC5E-4229-83C3-1173F91D2FFE} - System32\Tasks\{A6808060-47A1-4D76-9DB8-CB36CD3EFC73} => pcalua.exe -a C:\Install\Toshiba\samsung_q1f000_vga_vista\Setup.exe -d C:\Install\Toshiba\samsung_q1f000_vga_vista <==== ATTENTION
Task: {FCD14976-D0FA-4918-8B98-11B6A945CF59} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-390029833-3256150690-2021033676-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
Firefox "homepage" removed successfully.
Firefox DefaultSearchUrl removed successfully.
Firefox "Keyword.URL" removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
HKLM\System\CurrentControlSet\Services\Tosrfcom => key removed successfully.
Tosrfcom => service removed successfully.
"C:\Program Files\GUT9FCC.tmp" => not found.
"C:\Program Files\GUTC7D3.tmp" => not found.
"C:\Program Files\GUTCF3C.tmp" => not found.

"C:\Users\Pavel\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pavel\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1309B145-90A2-4CAF-98AA-68427653E7A6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1309B145-90A2-4CAF-98AA-68427653E7A6} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CF532DA-DFF9-4C2F-81BB-440F3534C53D} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{200F26BB-7CF0-4F19-A482-86D7AF9BA149} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{200F26BB-7CF0-4F19-A482-86D7AF9BA149} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{227EBFE4-B623-4F0E-B980-E6B7F0F7D572} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{227EBFE4-B623-4F0E-B980-E6B7F0F7D572} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2375F586-1009-41FB-B54E-30D8AF2B781D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2375F586-1009-41FB-B54E-30D8AF2B781D} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{294BF420-821F-4F91-83D9-C41CA85C96D2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{294BF420-821F-4F91-83D9-C41CA85C96D2} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D1E0627-0AE3-4BCA-83F2-1450DFCF0F39} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D1E0627-0AE3-4BCA-83F2-1450DFCF0F39} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33796188-0CF4-4166-B5FC-E31D736CDBBA} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{365EA543-5918-4045-9043-853D05AFFC65} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46A3F740-0AAB-4E06-A501-7F0AEBBE5235} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46A3F740-0AAB-4E06-A501-7F0AEBBE5235} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4FB6F95C-B734-4480-A4F4-BC4A5F21114C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FB6F95C-B734-4480-A4F4-BC4A5F21114C} => key removed successfully.
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FDC4149-2179-46BD-BE68-CEFCC187DEB3} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51E5A6D4-B24B-4353-8C0A-D38CB0578730} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51E5A6D4-B24B-4353-8C0A-D38CB0578730} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55E0B0D8-0BA9-4D8E-9D23-6B647755B1E7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55E0B0D8-0BA9-4D8E-9D23-6B647755B1E7} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57A8A6A9-6A82-49FD-9E49-7EE4F9B9293B} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BEDD449-4A4C-4879-94C3-2962B03129E1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BEDD449-4A4C-4879-94C3-2962B03129E1} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60158C7A-6808-42CD-95EE-AFD9A57925DB} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60158C7A-6808-42CD-95EE-AFD9A57925DB} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\PolicyConverter => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62454AA3-7A8C-49E5-9453-7DC619771355} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72756296-968E-4AD3-81BD-440E3E5779F9} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72756296-968E-4AD3-81BD-440E3E5779F9} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75FA689B-EC5A-4DA7-BD94-46DC33F94FC3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75FA689B-EC5A-4DA7-BD94-46DC33F94FC3} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7778FF2B-386B-4A7B-9CC1-C55CC105238F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7778FF2B-386B-4A7B-9CC1-C55CC105238F} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D3C7871-A917-4EF0-82E8-5F0A96423051} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D3C7871-A917-4EF0-82E8-5F0A96423051} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EA30C17-670C-4765-903C-44F4E7DC35A6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA30C17-670C-4765-903C-44F4E7DC35A6} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A0C4166-E5FB-48EE-B0A5-3153A556FC23} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A0C4166-E5FB-48EE-B0A5-3153A556FC23} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{96E568AB-3107-40CA-90F6-F6C45B4BEFDA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E568AB-3107-40CA-90F6-F6C45B4BEFDA} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9936023B-0782-483E-960E-C4651EF7C4A5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9936023B-0782-483E-960E-C4651EF7C4A5} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A231CD7C-102A-4326-B214-39E65A258B5C} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A231CD7C-102A-4326-B214-39E65A258B5C} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6394592-54CE-4E93-8D64-1A068F462632} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6394592-54CE-4E93-8D64-1A068F462632} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A794982F-25AC-4B1C-90FC-138581CEE389} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows Defender\MpIdleTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MpIdleTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACCFF412-436A-4FE7-AD4C-5F40821B6A67} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACCFF412-436A-4FE7-AD4C-5F40821B6A67} => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9BEE219-C29E-4310-819C-147A5A0E045E} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9BEE219-C29E-4310-819C-147A5A0E045E} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BAF4C3FC-12F3-46AF-8EED-F13A68491492} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAF4C3FC-12F3-46AF-8EED-F13A68491492} => key removed successfully.
C:\Windows\System32\Tasks\avast! Emergency Update => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD8BC38F-E93B-45FF-9ED3-42DE8BF305E2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD8BC38F-E93B-45FF-9ED3-42DE8BF305E2} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE70EE8B-7D9C-472C-AD7B-74162857EF30} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE70EE8B-7D9C-472C-AD7B-74162857EF30} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C90440A0-6D8F-423F-8F42-83EEF05CE708} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C90440A0-6D8F-423F-8F42-83EEF05CE708} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D05318FF-6B66-4052-A0A1-064EF40E3AC6} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D05318FF-6B66-4052-A0A1-064EF40E3AC6} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D622195C-D680-4FEA-9C56-59660C7C9E94} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D622195C-D680-4FEA-9C56-59660C7C9E94} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D99F9A2B-5C2B-4837-8EA5-1EEC16EC5483} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MP Scheduled Scan => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC904171-8994-455B-BBD3-57153F448DC2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC904171-8994-455B-BBD3-57153F448DC2} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE8699D2-8A05-42F7-8A85-5162AF47D26A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE8699D2-8A05-42F7-8A85-5162AF47D26A} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E15E9CD9-7919-47C5-B344-DF85035D7937} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E15E9CD9-7919-47C5-B344-DF85035D7937} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5DBF0C8-C782-49C8-8E31-D3F7BFCD2DAE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5DBF0C8-C782-49C8-8E31-D3F7BFCD2DAE} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8164C0D-216C-4B6B-9EB8-31BF958B8014} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8164C0D-216C-4B6B-9EB8-31BF958B8014} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E90BCC48-A275-420D-BE4C-4B3E73FC0DC1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E90BCC48-A275-420D-BE4C-4B3E73FC0DC1} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACD959B-A6B5-4A61-A5CF-B64FAE09BF41} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACD959B-A6B5-4A61-A5CF-B64FAE09BF41} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE61842F-26CB-4C22-8E5F-460489EFBF23} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE61842F-26CB-4C22-8E5F-460489EFBF23} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF0E7803-F074-46C1-A1EA-5BFE35D6B994} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF0E7803-F074-46C1-A1EA-5BFE35D6B994} => key removed successfully.
C:\Windows\System32\Tasks\CCleanerSkipUAC => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F30BA130-D959-4E20-93B4-8453110ECA5B} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30BA130-D959-4E20-93B4-8453110ECA5B} => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6E7C36E-B622-45C0-AE08-4D4F759BC170} => key not found.
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F93C7104-998A-4A38-B935-775A3138B3C3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F93C7104-998A-4A38-B935-775A3138B3C3} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB257308-FC5E-4229-83C3-1173F91D2FFE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB257308-FC5E-4229-83C3-1173F91D2FFE} => key removed successfully.
C:\Windows\System32\Tasks\{A6808060-47A1-4D76-9DB8-CB36CD3EFC73} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6808060-47A1-4D76-9DB8-CB36CD3EFC73} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCD14976-D0FA-4918-8B98-11B6A945CF59} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD14976-D0FA-4918-8B98-11B6A945CF59} => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4455298 B
Java, Flash, Steam htmlcache => 470 B
Windows/system/drivers => 21681118 B
Edge => 0 B
Chrome => 8316356 B
Firefox => 81619086 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 23714299 B
LocalService => 66228 B
NetworkService => 67116 B
Pavel => 18715681 B

RecycleBin => 0 B
EmptyTemp: => 159.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-03-2017 12:14:04)

C:\Users\Pavel\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:14:08 ====

Smazáno. Nastala nějaká změna?

Změna nastala, stroj je znovu použitelný.
Děkuji za pomoc.

Rádo se stalo!

VIRY.CZ

Zpomalený počítač

Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač

Re: Zpomalený počítač