VIRY.CZ

Dobrý den , zobrazuje se mi stránka policie , mohli by jste mi prosím pomoc se toho zbavit . Předem všem děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by adelka (administrator) on ADELKA-HP (08-01-2018 21:16:08)
Running from C:\Users\adelka\Desktop
Loaded Profiles: adelka & DefaultAppPool (Available Profiles: adelka & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\adelka\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-16] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\adelka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-09-06]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2b9cee19-c9ae-4611-8e59-83938948b87e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5b16f1b1-4681-486a-bafd-ed6b5b3c1dac}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5e755abf-e124-413d-b1bc-16c758ac2d1c}: [NameServer] 77.234.40.79

Internet Explorer:
==================
HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16] (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-18] (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-18] (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-03] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\adelka\AppData\Roaming\Mozilla\Firefox\Profiles\tlvwxxcd.default [2018-01-08]
FF Homepage: Mozilla\Firefox\Profiles\tlvwxxcd.default -> hxxp://seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\tlvwxxcd.default -> type", 0
FF Extension: (Avast SafePrice) - C:\Users\adelka\AppData\Roaming\Mozilla\Firefox\Profiles\tlvwxxcd.default\Extensions\sp@avast.com.xpi [2017-12-06]
FF Extension: (Avast Online Security) - C:\Users\adelka\AppData\Roaming\Mozilla\Firefox\Profiles\tlvwxxcd.default\Extensions\wrc@avast.com.xpi [2017-10-30]
FF Extension: (Disable Crash Auto Submit) - C:\Users\adelka\AppData\Roaming\Mozilla\Firefox\Profiles\tlvwxxcd.default\features\{5ea8f850-c860-41ba-9158-57428a8d0d55}\disable-crash-autosubmit@mozilla.org.xpi [2017-12-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-29] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-16] (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-06-18] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-06-18] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-21] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\adelka\AppData\Local\Google\Chrome\User Data\Default [2018-01-08]
CHR Extension: (Avast SafePrice) - C:\Users\adelka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-01-08]
CHR Extension: (AdBlock) - C:\Users\adelka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\adelka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\adelka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-16] (AVAST Software s.r.o.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [330832 2017-10-16] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-08] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-08] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-08] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-08] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-08] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-08] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664 2018-01-08] (AVAST Software)
S3 aswNetNd6; C:\WINDOWS\system32\DRIVERS\aswNetNd6.sys [28312 2016-05-06] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [580480 2018-01-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-08] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-08] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-08] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457400 2018-01-08] (AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-08] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-12-20] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-08] (AVAST Software)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 21:16 - 2018-01-08 21:17 - 000018735 _____ C:\Users\adelka\Desktop\FRST.txt
2018-01-08 21:15 - 2018-01-08 21:16 - 000000000 ____D C:\FRST
2018-01-08 21:13 - 2018-01-08 21:13 - 000112640 _____ (forum.viry.cz) C:\Users\adelka\Desktop\FRSTLauncher (1).exe
2018-01-08 21:12 - 2018-01-08 21:12 - 000112640 _____ (forum.viry.cz) C:\Users\adelka\Downloads\Nepotvrzeno 842639.crdownload
2018-01-08 21:07 - 2018-01-08 21:07 - 002393088 _____ (Farbar) C:\Users\adelka\Desktop\FRST64.exe
2018-01-08 21:00 - 2018-01-08 20:59 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-01-08 20:59 - 2018-01-08 20:59 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-01-08 20:47 - 2018-01-08 20:48 - 000191918 _____ C:\WINDOWS\ntbtlog.txt
2018-01-08 20:47 - 2018-01-08 20:47 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-12-16 10:19 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-16 10:19 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-16 10:19 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-16 10:19 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-16 10:19 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-16 10:19 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-16 10:19 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-12-16 10:19 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-12-16 10:19 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-16 10:19 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-16 10:19 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-12-16 10:19 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-16 10:19 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-12-16 10:18 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-16 10:18 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-16 10:18 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-16 10:18 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-16 10:18 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-16 10:18 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-16 10:18 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-16 10:18 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-16 10:18 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-16 10:18 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-16 10:18 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-16 10:18 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-16 10:18 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-16 10:18 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-16 10:18 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-16 10:18 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-16 10:18 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-16 10:18 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-16 10:18 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-16 10:18 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-16 10:18 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-16 10:18 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-16 10:18 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-16 10:18 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-16 10:18 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-16 10:18 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-16 10:18 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-16 10:18 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-16 10:18 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-16 10:18 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-16 10:18 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-16 10:18 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-16 10:18 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-16 10:18 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-16 10:18 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-16 10:18 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-16 10:18 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-16 10:18 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-16 10:18 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-16 10:18 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-16 10:18 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-16 10:18 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-16 10:18 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-16 10:18 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-16 10:18 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 21:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-08 21:01 - 2017-09-11 09:04 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-01-08 20:59 - 2014-05-24 15:25 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-01-08 20:59 - 2014-05-24 15:25 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-01-08 20:59 - 2013-06-18 14:27 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-01-08 20:59 - 2013-06-18 14:27 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-01-08 20:59 - 2012-06-18 13:31 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-01-08 20:59 - 2012-06-18 13:31 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-01-08 20:59 - 2012-06-18 13:31 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-01-08 20:58 - 2017-02-09 17:22 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-01-08 20:58 - 2017-02-09 17:22 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-01-08 20:58 - 2017-02-09 17:22 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-01-08 20:58 - 2017-02-09 17:22 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-01-08 20:58 - 2016-02-16 15:14 - 000580480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2018-01-08 20:58 - 2012-06-18 13:31 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-01-08 20:57 - 2017-09-11 08:41 - 002287256 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-08 20:57 - 2017-03-20 05:43 - 000970252 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-08 20:57 - 2017-03-20 05:43 - 000230278 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-08 20:51 - 2011-11-16 12:08 - 000000000 ____D C:\ProgramData\PDFC
2018-01-08 20:50 - 2017-09-11 09:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-08 20:50 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-08 20:42 - 2017-09-11 08:42 - 000000000 ____D C:\Users\adelka
2018-01-08 20:36 - 2016-11-19 10:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-08 20:36 - 2012-06-18 13:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-08 20:34 - 2017-09-11 08:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-05 11:07 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-05 09:38 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2018-01-05 09:36 - 2017-09-30 15:58 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-05 09:35 - 2017-09-11 09:11 - 000013338 _____ C:\WINDOWS\diagwrn.xml
2018-01-05 09:35 - 2017-09-11 09:11 - 000013338 _____ C:\WINDOWS\diagerr.xml
2018-01-05 09:01 - 2016-11-19 11:00 - 000000000 ____D C:\Users\adelka\AppData\LocalLow\Mozilla
2018-01-05 08:55 - 2012-06-18 13:44 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-05 08:52 - 2012-12-29 18:49 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-05 08:52 - 2012-12-29 18:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-05 08:20 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-03 09:42 - 2017-08-30 05:54 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 13:17 - 2012-05-13 09:35 - 000092344 _____ C:\Users\adelka\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-29 11:26 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-29 11:26 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-18 08:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-12-16 11:12 - 2017-07-17 23:04 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-16 11:11 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-16 11:11 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-16 10:42 - 2016-06-16 02:22 - 000000000 ____D C:\Users\adelka\AppData\Local\Packages
2017-12-16 10:36 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-16 10:28 - 2016-06-21 20:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-16 10:23 - 2017-10-23 08:42 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-16 10:23 - 2016-06-21 20:12 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2013-01-01 20:58 - 2013-01-01 20:58 - 000003584 _____ () C:\Users\adelka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\adelka\Desktop" je 43 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by adelka (08-01-2018 21:18:08)
Running from C:\Users\adelka\Desktop
Windows 10 Home Version 1703 15063.786 (X64) (2017-09-11 08:15:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

adelka (S-1-5-21-197431413-3001887032-2349371197-1000 - Administrator - Enabled) => C:\Users\adelka
Administrator (S-1-5-21-197431413-3001887032-2349371197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-197431413-3001887032-2349371197-503 - Limited - Disabled)
Guest (S-1-5-21-197431413-3001887032-2349371197-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-197431413-3001887032-2349371197-1230 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WT089498) (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.60 - Atheros Communications)
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version: - SEIKO EPSON Corporation)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (HKLM-x32\...\WT089470) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (HKLM-x32\...\WT089504) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}) (Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{A312ABBC-E4A0-4595-BB69-95AFF48A9838}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}) (Version: 5.1.11.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B962DFD6-45C1-49D8-AEBA-197BF6576D29}) (Version: 4.0.10.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
K-Lite Mega Codec Pack 8.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
Mah Jong Medley (HKLM-x32\...\WT087393) (Version: 2.2.0.95 - WildTangent) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-197431413-3001887032-2349371197-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x64 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Mystery P.I. - Stolen in San Francisco (HKLM-x32\...\WT089496) (Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089484) (Version: 2.2.0.95 - WildTangent) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.34 - PDF Complete, Inc)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089458) (Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}) (Version: 1.0.22 - Hewlett-Packard) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype™ 5.1 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.104 - Skype Technologies S.A.)
Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Uživatelská příručka EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version: - )
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.2 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13209 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-16] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-16] (AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-16] (AVAST Software)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-16] (AVAST Software)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {028E3649-5B8E-4EE6-9787-315D393F8AA9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {03AB977E-35D1-43E0-AB4B-2AB87E76B30C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {045163A5-B832-4B2C-B85A-FB48E237B25B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1388DA34-E30A-4E65-82E4-1A79CA6FC9A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18C544B5-FED2-49CD-B538-20C5A8BD0F8D} - System32\Tasks\SafeZone scheduled Autoupdate 1450460843 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {1B74E8D5-E343-45B3-B549-7BAE7B9282E5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2195C212-9429-4D50-8379-DA865A5285D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2DDADCA2-B9B5-4F67-8924-F204639AF944} - System32\Tasks\{0E824671-4ADE-4FE2-83D4-0DEA67A74C03} => C:\Windows\system32\pcalua.exe -a C:\Users\adelka\Downloads\sp53960.exe -d C:\Users\adelka\Downloads
Task: {2ED7E48A-8B96-43B2-BC5C-3D1DBC80D708} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {344F1898-571A-4886-8089-F8F10E748159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {377D1C6C-3E09-481B-9026-C5541C19D0D4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {394553BE-AB5F-4903-8600-5EFDDE813FBA} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {3B331A04-932D-4CAC-AC55-5550D0AAE352} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {3EA5B89F-1EF3-477E-BB49-490E76D4C138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4E260A26-9D4D-490E-B1A7-57146FE9DCCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-29] (Adobe Systems Incorporated)
Task: {4E71D5FC-EBC2-44DE-9288-DA2417206A96} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {4F7DC4DE-C23F-4E91-85C8-833E178C7521} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {57734168-D4CB-45B9-8759-9A23C77AABF0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5CD44416-F74C-4E18-939A-ADAAD9C1AE5A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {62C8231B-EE62-4DFC-BD2E-88707E12C9D0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {66EC7F80-A4F2-4A6E-BD98-0B6ADB76B92D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6B91D1A7-651C-4B27-ADC5-CB72C8749498} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C8EA285-479E-41CE-997A-083E2D91DC8C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6DC99627-5D54-45F7-8F52-16A7A1602214} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {75A23E3F-C2EA-4374-9192-DE546FC27327} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F889669-8397-45A7-87E5-D0312F86C8B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-01] (Hewlett-Packard Company)
Task: {84FB2A38-8AF5-46C8-9CEE-CE81B6689758} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {86D759BB-39F5-4FCF-8ED3-E338545DA8D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8B6613E5-27F6-4FD7-AD43-C1D3DC3CCF63} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DC914B6-85EE-450F-89A5-67067AD97D74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {8E431413-7253-47F4-AC00-9566F07E3B06} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92B2895C-3EF2-49CD-80FF-2C0D4FFFEC2B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-08] (AVAST Software)
Task: {97D63A56-CA25-4D6F-B85F-18324C5931CD} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {9AAB259D-744A-4470-B4C1-534335D374A9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A39D18AD-65E3-4CDC-A3C8-6187F2CF3612} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {A6B576C0-6955-4E92-B71F-7983F59B958A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A74E92F4-7329-4443-B345-AA2B70454D8E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4728936-C861-4BD1-8BD3-699ACBB4B8F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4A5BD0D-B765-4DEF-ADAC-339590FD098A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C69DD33F-0B9A-4FCD-8358-906720966012} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC5E3E46-AB1D-4ECF-B3FC-89790EAEE315} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CD336504-3F28-4B6D-A70C-CFA3FB36D3B4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {D3590817-EAEF-423F-9A31-5704A86D7338} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB9B8D15-D91F-4220-9C82-4F3096E4DCCF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {DC363285-45B3-4D66-AD25-EC7072D815B3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3644DDB-5B06-41C5-AC9D-B33F8FC2C794} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E3FAB0C5-8948-4177-8BC0-54AA400C107F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E9EFDA7D-EB47-4090-AFF1-0982B348D831} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-01] (Hewlett-Packard Company)
Task: {EDB681C6-9390-4840-A294-B242CE44CED9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F22D7B4B-576D-45B0-96C2-7D3A1E616F84} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8002129-7033-4E1A-A686-CD8BEAC50DE7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FD9245A4-7652-42F5-82A4-14706A77F01A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-10-16 07:42 - 2017-10-16 07:42 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2018-01-05 08:51 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-05 08:51 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2018-01-08 21:06 - 2017-12-01 11:13 - 031239168 _____ () C:\Users\adelka\AppData\Local\Google\Chrome\User Data\PepperFlash\28.0.0.126\pepflashplayer.dll
2017-10-16 07:42 - 2017-10-16 07:42 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-16 07:42 - 2017-10-16 07:42 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-17 11:34 - 2017-07-17 11:34 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-16 07:42 - 2017-10-16 07:42 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-16 07:42 - 2017-10-16 07:42 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-16 07:41 - 2017-10-16 07:41 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-30 08:20 - 2017-10-30 08:19 - 000703336 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-12-07 23:00 - 2017-12-07 23:00 - 000102088 _____ () C:\Users\adelka\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.6.0 - Logfile created on Mon Jan 08 21:05:03 2018
# Updated on 2017/21/12 by Malwarebytes
# Database: 01-05-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1425 B] - [2015/10/26 18:22:1]
C:/AdwCleaner/AdwCleaner[S1].txt - [1321 B] - [2015/10/26 18:20:43]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {03AB977E-35D1-43E0-AB4B-2AB87E76B30C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {045163A5-B832-4B2C-B85A-FB48E237B25B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2195C212-9429-4D50-8379-DA865A5285D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2DDADCA2-B9B5-4F67-8924-F204639AF944} - System32\Tasks\{0E824671-4ADE-4FE2-83D4-0DEA67A74C03} => C:\Windows\system32\pcalua.exe -a C:\Users\adelka\Downloads\sp53960.exe -d C:\Users\adelka\Downloads
Task: {344F1898-571A-4886-8089-F8F10E748159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {377D1C6C-3E09-481B-9026-C5541C19D0D4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {394553BE-AB5F-4903-8600-5EFDDE813FBA} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {3EA5B89F-1EF3-477E-BB49-490E76D4C138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4F7DC4DE-C23F-4E91-85C8-833E178C7521} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {66EC7F80-A4F2-4A6E-BD98-0B6ADB76B92D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {84FB2A38-8AF5-46C8-9CEE-CE81B6689758} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {86D759BB-39F5-4FCF-8ED3-E338545DA8D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8B6613E5-27F6-4FD7-AD43-C1D3DC3CCF63} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DC914B6-85EE-450F-89A5-67067AD97D74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {B4A5BD0D-B765-4DEF-ADAC-339590FD098A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CC5E3E46-AB1D-4ECF-B3FC-89790EAEE315} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E3644DDB-5B06-41C5-AC9D-B33F8FC2C794} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E3FAB0C5-8948-4177-8BC0-54AA400C107F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by adelka (08-01-2018 22:22:28) Run:1
Running from C:\Users\adelka\Desktop
Loaded Profiles: adelka (Available Profiles: adelka & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-197431413-3001887032-2349371197-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {03AB977E-35D1-43E0-AB4B-2AB87E76B30C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {045163A5-B832-4B2C-B85A-FB48E237B25B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2195C212-9429-4D50-8379-DA865A5285D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2DDADCA2-B9B5-4F67-8924-F204639AF944} - System32\Tasks\{0E824671-4ADE-4FE2-83D4-0DEA67A74C03} => C:\Windows\system32\pcalua.exe -a C:\Users\adelka\Downloads\sp53960.exe -d C:\Users\adelka\Downloads
Task: {344F1898-571A-4886-8089-F8F10E748159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {377D1C6C-3E09-481B-9026-C5541C19D0D4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {394553BE-AB5F-4903-8600-5EFDDE813FBA} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {3EA5B89F-1EF3-477E-BB49-490E76D4C138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4F7DC4DE-C23F-4E91-85C8-833E178C7521} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {66EC7F80-A4F2-4A6E-BD98-0B6ADB76B92D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {84FB2A38-8AF5-46C8-9CEE-CE81B6689758} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {86D759BB-39F5-4FCF-8ED3-E338545DA8D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8B6613E5-27F6-4FD7-AD43-C1D3DC3CCF63} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DC914B6-85EE-450F-89A5-67067AD97D74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {B4A5BD0D-B765-4DEF-ADAC-339590FD098A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CC5E3E46-AB1D-4ECF-B3FC-89790EAEE315} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E3644DDB-5B06-41C5-AC9D-B33F8FC2C794} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E3FAB0C5-8948-4177-8BC0-54AA400C107F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => removed successfully
HKLM\Software\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => removed successfully
HKLM\Software\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found
"HKU\S-1-5-21-197431413-3001887032-2349371197-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-197431413-3001887032-2349371197-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => removed successfully
HKLM\Software\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKU\S-1-5-21-197431413-3001887032-2349371197-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03AB977E-35D1-43E0-AB4B-2AB87E76B30C} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03AB977E-35D1-43E0-AB4B-2AB87E76B30C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{045163A5-B832-4B2C-B85A-FB48E237B25B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{045163A5-B832-4B2C-B85A-FB48E237B25B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2195C212-9429-4D50-8379-DA865A5285D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2195C212-9429-4D50-8379-DA865A5285D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DDADCA2-B9B5-4F67-8924-F204639AF944}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DDADCA2-B9B5-4F67-8924-F204639AF944}" => removed successfully
C:\WINDOWS\System32\Tasks\{0E824671-4ADE-4FE2-83D4-0DEA67A74C03} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0E824671-4ADE-4FE2-83D4-0DEA67A74C03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{344F1898-571A-4886-8089-F8F10E748159}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{344F1898-571A-4886-8089-F8F10E748159}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{377D1C6C-3E09-481B-9026-C5541C19D0D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{377D1C6C-3E09-481B-9026-C5541C19D0D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{394553BE-AB5F-4903-8600-5EFDDE813FBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{394553BE-AB5F-4903-8600-5EFDDE813FBA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EA5B89F-1EF3-477E-BB49-490E76D4C138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EA5B89F-1EF3-477E-BB49-490E76D4C138}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F7DC4DE-C23F-4E91-85C8-833E178C7521}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7DC4DE-C23F-4E91-85C8-833E178C7521}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66EC7F80-A4F2-4A6E-BD98-0B6ADB76B92D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66EC7F80-A4F2-4A6E-BD98-0B6ADB76B92D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84FB2A38-8AF5-46C8-9CEE-CE81B6689758}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84FB2A38-8AF5-46C8-9CEE-CE81B6689758}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{86D759BB-39F5-4FCF-8ED3-E338545DA8D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86D759BB-39F5-4FCF-8ED3-E338545DA8D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B6613E5-27F6-4FD7-AD43-C1D3DC3CCF63}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B6613E5-27F6-4FD7-AD43-C1D3DC3CCF63}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DC914B6-85EE-450F-89A5-67067AD97D74}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC914B6-85EE-450F-89A5-67067AD97D74}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4A5BD0D-B765-4DEF-ADAC-339590FD098A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4A5BD0D-B765-4DEF-ADAC-339590FD098A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC5E3E46-AB1D-4ECF-B3FC-89790EAEE315}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5E3E46-AB1D-4ECF-B3FC-89790EAEE315}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3644DDB-5B06-41C5-AC9D-B33F8FC2C794}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3644DDB-5B06-41C5-AC9D-B33F8FC2C794}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3FAB0C5-8948-4177-8BC0-54AA400C107F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3FAB0C5-8948-4177-8BC0-54AA400C107F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 434833440 B
Java, Flash, Steam htmlcache => 26 B
Windows/system/drivers => 43459917 B
Edge => 960312 B
Chrome => 292402292 B
Firefox => 301655413 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 15064 B
NetworkService => 12772 B
adelka => 216114321 B
DefaultAppPool => 0 B

RecycleBin => 9016372744 B
EmptyTemp: => 9.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:25:00 ====

Smazáno, log je již OK. Už se nezobrazuje?

Už je vše v pořádku , velmi moc děkuju za pomoc.

Tak to jsem rád. Nemáte zač!