VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by martas (administrator) on POCITAC (07-09-2018 16:53:53)
Running from C:\Users\martas\Desktop
Loaded Profiles: martas (Available Profiles: martas)
Platform: Windows 8.1 Pro (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Care Solutions (ParetoLogic)) C:\Program Files\BDServices\BitDefenderCOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-29] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\Run: [AdobeBridge] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] ()
Startup: C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-04-27]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{483C3A77-A667-4CBC-8E89-A5CC4B3B4AE0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-12-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-29] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-29] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-12-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-410913589-2423398816-1494011779-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\martas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default [2018-09-07]
CHR Extension: (Adblock Plus) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-30]
CHR Extension: (Adobe Acrobat) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-24]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-22]
CHR Extension: (Avast Online Security) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-26]
CHR Profile: C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Translator) - C:\Users\martas\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2018-08-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-29] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-29] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1039352 2018-02-26] (Digital Care Solutions (ParetoLogic))
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [136512 2018-09-07] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 scan; C:\Program Files\BDServices\scan.dll [652568 2018-02-23] (Bitdefender)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-29] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-29] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-29] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-29] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-29] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-29] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163272 2018-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-29] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215728 2018-09-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-29] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-09-07] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-07] (Malwarebytes)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-02-23] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-07 16:53 - 2018-09-07 16:55 - 000015440 _____ C:\Users\martas\Desktop\FRST.txt
2018-09-07 16:53 - 2018-09-07 16:53 - 000000000 ____D C:\FRST
2018-09-07 16:52 - 2018-09-07 16:52 - 002413056 _____ (Farbar) C:\Users\martas\Desktop\FRST64.exe
2018-09-07 16:38 - 2018-09-07 16:38 - 011576808 _____ (SurfRight B.V.) C:\Users\martas\Downloads\hitmanpro_x64 (1).exe
2018-09-07 16:24 - 2018-09-07 16:38 - 000001916 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-09-07 16:24 - 2018-09-07 16:24 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-09-07 16:24 - 2018-09-07 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-09-07 16:24 - 2018-09-07 16:24 - 000000000 ____D C:\Program Files\HitmanPro
2018-09-07 16:23 - 2018-09-07 16:24 - 000000000 ____D C:\ProgramData\HitmanPro
2018-09-07 15:58 - 2018-09-07 15:58 - 011576808 _____ (SurfRight B.V.) C:\Users\martas\Downloads\hitmanpro_x64.exe
2018-09-07 12:29 - 2018-09-07 12:29 - 000001124 _____ C:\Users\martas\Desktop\ParetoLogic PC Health Advisor.lnk
2018-09-07 12:29 - 2018-09-07 12:29 - 000000448 _____ C:\Windows\Tasks\PC Health Advisor Update.job
2018-09-07 12:29 - 2018-09-07 12:29 - 000000418 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2018-09-07 12:29 - 2018-09-07 12:29 - 000000400 _____ C:\Windows\Tasks\PC Health Advisor.job
2018-09-07 12:29 - 2018-09-07 12:29 - 000000000 ____D C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2018-09-07 12:28 - 2018-09-07 16:00 - 000000000 ____D C:\Program Files\BDServices
2018-09-07 12:28 - 2018-09-07 12:29 - 000000000 ____D C:\ProgramData\ParetoLogic
2018-09-07 12:28 - 2018-09-07 12:28 - 000000000 ____D C:\Program Files (x86)\ParetoLogic
2018-09-07 12:27 - 2018-09-07 12:27 - 014409936 _____ (ParetoLogic, Inc.) C:\Users\martas\Downloads\ParetoLogic PC Health Advisor.exe
2018-09-07 12:22 - 2018-09-07 12:23 - 005930728 _____ (EnigmaSoft Limited) C:\Users\martas\Downloads\SpyHunter-Installer.exe
2018-09-07 12:06 - 2018-09-07 12:06 - 000000000 ____D C:\Users\martas\AppData\Local\mbam
2018-09-03 18:01 - 2018-09-07 16:10 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-03 15:18 - 2018-09-03 15:18 - 005538887 _____ C:\Users\martas\Downloads\pracovni-listy-09.pdf
2018-09-01 19:48 - 2018-09-01 20:27 - 733745682 _____ C:\Users\martas\Downloads\Chceš mě, chci tě (2009 CZdab)..avi
2018-09-01 18:19 - 2018-09-01 19:01 - 778352640 _____ C:\Users\martas\Downloads\POD-JEDNOU-STRECHOU---CZ-dvdrip.avi
2018-09-01 13:10 - 2018-09-01 15:34 - 2659449451 _____ C:\Users\martas\Downloads\PŘÍŠERKY SRO 2001 CZ DUBBING.mkv
2018-09-01 12:27 - 2018-09-01 12:27 - 000027826 _____ C:\Users\martas\Downloads\kostky---pravidla.pdf
2018-08-29 17:54 - 2018-08-29 20:42 - 3077603328 _____ C:\Users\martas\Downloads\Bolt.Pes.Pro.Kazdy.Pripad_CZ_dabing_Top_kvalita_KIM.CZ.avi.crdownload
2018-08-29 10:27 - 2018-08-29 10:27 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-14 15:56 - 2018-08-14 15:56 - 000129716 _____ C:\Users\martas\Downloads\hausaufgaben_modul_3_cz.pdf
2018-08-13 23:59 - 2018-08-28 22:41 - 000000000 ____D C:\Users\martas\AppData\Local\CrashDumps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-07 16:09 - 2016-11-05 16:14 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-09-07 16:09 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-07 12:27 - 2016-11-11 16:54 - 000000000 ____D C:\Users\martas\AppData\Local\Adobe
2018-09-06 19:49 - 2016-11-05 20:23 - 000000000 ____D C:\Users\martas\AppData\Roaming\vlc
2018-09-06 18:12 - 2016-11-06 10:45 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-05 21:41 - 2017-12-22 04:07 - 000000000 ____D C:\Users\martas\AppData\Roaming\XnView
2018-09-05 21:23 - 2016-11-05 14:47 - 000000000 ____D C:\Users\martas
2018-09-05 18:30 - 2016-11-06 10:45 - 000215728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-04 18:20 - 2016-11-06 10:45 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-03 20:13 - 2016-05-15 09:55 - 000000000 ____D C:\Users\martas\Desktop\Montessori
2018-09-03 18:00 - 2017-04-29 15:54 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-02 20:36 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-01 16:00 - 2018-03-14 17:46 - 000000000 ____D C:\Users\martas\Desktop\terapie
2018-08-31 15:03 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-29 18:59 - 2015-03-03 00:32 - 000000000 ____D C:\Pohádky
2018-08-29 15:09 - 2016-11-05 16:31 - 000000000 ____D C:\Program Files (x86)\Opera
2018-08-29 10:29 - 2016-11-06 10:45 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-29 10:27 - 2017-11-20 17:10 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000163272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-29 10:26 - 2016-11-06 10:45 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-08-29 10:25 - 2017-12-28 02:22 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-26 11:48 - 2017-03-04 06:11 - 000002374 _____ C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-08-23 01:59 - 2016-11-05 16:25 - 000704248 _____ C:\Windows\system32\perfh005.dat
2018-08-23 01:59 - 2016-11-05 16:25 - 000143628 _____ C:\Windows\system32\perfc005.dat
2018-08-23 01:59 - 2016-11-05 14:44 - 001658450 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-22 16:17 - 2018-04-05 14:36 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-22 16:17 - 2018-04-05 14:36 - 000002417 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-18 14:12 - 2017-05-24 10:55 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-10 15:44 - 2017-05-04 23:05 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 15:44 - 2017-05-04 23:05 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2017-01-23 13:01 - 2017-01-23 13:02 - 000000132 _____ () C:\Users\martas\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-12-19 03:12 - 2017-12-19 03:12 - 000001480 _____ () C:\Users\martas\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-04-30 14:07 - 2017-04-30 14:07 - 000000017 _____ () C:\Users\martas\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2016-11-18 13:56 - 2015-03-05 09:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\martas\AppData\Local\Temp\AdobeApplicationManager.exe
2017-04-29 15:47 - 2017-04-29 15:47 - 000739904 _____ (Oracle Corporation) C:\Users\martas\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-03-02 21:52 - 2015-07-31 16:06 - 000242864 ____R (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\ose00000.exe
2017-03-02 22:08 - 2015-07-31 16:06 - 000242864 ____R (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\ose00001.exe
2017-03-22 00:04 - 2017-03-22 00:04 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole1662434896599758537.dll
2017-03-22 00:08 - 2017-03-22 00:08 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole3189023915511549807.dll
2017-03-22 00:11 - 2017-03-22 00:11 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole8214625168139902872.dll
2018-03-02 01:46 - 2018-03-02 01:46 - 000280328 _____ (ParetoLogic, Inc.) C:\Users\martas\AppData\Local\Temp\uninstall.exe
2017-07-01 18:20 - 2017-07-01 18:20 - 014456872 _____ (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\vc_redist.x86.exe
2017-11-21 01:51 - 2017-11-21 01:51 - 030950664 _____ () C:\Users\martas\AppData\Local\Temp\vlc-2.2.6-win32.exe
2018-06-12 01:11 - 2018-06-12 01:11 - 040184976 _____ () C:\Users\martas\AppData\Local\Temp\vlc-3.0.3-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-17 09:35

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by martas (07-09-2018 16:55:54)
Running from C:\Users\martas\Desktop
Windows 8.1 Pro (X64) (2016-11-05 12:46:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-410913589-2423398816-1494011779-500 - Administrator - Disabled)
Guest (S-1-5-21-410913589-2423398816-1494011779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-410913589-2423398816-1494011779-1004 - Limited - Enabled)
martas (S-1-5-21-410913589-2423398816-1494011779-1001 - Administrator - Enabled) => C:\Users\martas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Car Mechanic Simulator 2015 - Gold Edition verze 1.1.1.2 (HKLM-x32\...\{14D14FD2-E222-46B5-A50C-2298A21AA478}_is1) (Version: 1.1.1.2 - )
Catalyst Control Center Next Localization BR (HKLM\...\{2AB47508-ECB0-7FBC-7F09-BC1626A1D3FA}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{9D1FBEAC-6117-12A5-0020-3B3D9B57FDD4}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F18DB3F5-5361-5782-09D6-091762ED843C}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1F118A14-4F17-F034-171C-27A2CCBDF70A}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{536917C6-AD83-D101-443A-E3B601900E76}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5A00C8BC-1956-CC87-4023-8C109A2EDDD1}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{9EB36E47-9AEA-0541-307A-D691285962B0}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{5D13B926-2DDF-9242-DC42-A774304B34A4}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5FD9A988-224B-FB7B-3353-5D808B772129}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A8CDABF8-A7F7-CEDC-F27E-6DFFE7285B1A}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{4B67BFDE-D387-2DFB-DBAE-1CCD3F27EB57}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{023C8BBF-D5F2-CE55-DAB0-F80EEC7CF657}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{A245B10D-29BD-340C-1364-377C50F600EF}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{95E8790D-22DF-260E-49AD-479FD11AF3E2}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{581B2525-F22E-BFA1-ED2E-D77A59B696F3}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B0109FEC-A33A-CE1C-7340-7446AD1ACAFB}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{1A9E93BF-239D-1056-46C7-F0D9868EEE1D}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{A89A4C78-6345-AADC-40B5-2570B65EA1B9}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3FB41E67-D150-C331-E71D-5B576E870C30}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{9A145D9E-AF0F-9D4B-6C46-D34A88AAD094}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8501CFFA-B130-1219-7B4E-E6C9DD807518}) (Version: 2016.1103.2042.35450 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 5.1.6.2 (HKLM\...\{549C3097-A17C-4163-9B03-D52865B2BBEE}) (Version: 5.1.6.2 - The Document Foundation)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Camera Codec Pack (HKLM\...\{D1A33D00-5C0F-45EA-90D9-3606B645E467}) (Version: 16.3.1483.0410 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\OneDriveSetup.exe) (Version: 18.162.0812.0001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden
Opera Stable 55.0.2994.44 (HKLM-x32\...\Opera 55.0.2994.44) (Version: 55.0.2994.44 - Opera Software)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.3.39.1 - ParetoLogic)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Unity Web Player (HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warcraft III - The Frozen Throne v1.26 (HKLM-x32\...\Warcraft III - The Frozen Throne v1.26 1.26) (Version: 1.26 - Blizzard)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\WinDirStat) (Version: - )
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-410913589-2423398816-1494011779-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\martas\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-410913589-2423398816-1494011779-1001_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\martas\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-11-03] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {30893F2A-422C-4CF4-8ACE-72D9D51F1A0C} - System32\Tasks\AdobeAAMUpdater-1.0-pocitac-martas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {3FF8EF43-5697-47F0-9C78-2EF96D9D7E44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
Task: {45E77F89-7DE2-458A-A343-35435236868B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)
Task: {6B8DE0E8-CACC-4565-A192-50524357C2AE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-29] (AVAST Software)
Task: {7490746E-28E1-4394-BC8C-D0BE33EFF7E7} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-03] (Advanced Micro Devices, Inc.)
Task: {8E7611DC-F344-4EE0-8D3D-E35761820A77} - System32\Tasks\Opera scheduled Autoupdate 1478356316 => C:\Program Files (x86)\Opera\launcher.exe [2018-08-23] (Opera Software)
Task: {97BEA888-894E-4A70-B094-8D6E7C60F3FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {98062E78-7E71-470E-911C-03086C71CF8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
Task: {B2ED6F6A-279A-46B8-94E4-78BEDCF88612} - System32\Tasks\SafeZone scheduled Autoupdate 1478421981 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {D565FF2F-AD2B-4A40-BF42-965FA3B7D85A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Update.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\martas\Desktop\IS AMČR.lnk -> C:\ProgramData\Oracle\Java\javapath\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://stahnout.archeologickamapa.cz/launch.jnlp "C:\Users\martas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\9c22370-4f8bc761"
ShortcutWithArgument: C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IS AMČR\IS AMČR.lnk -> C:\ProgramData\Oracle\Java\javapath\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://stahnout.archeologickamapa.cz/launch.jnlp "C:\Users\martas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\9c22370-4f8bc761"

==================== Loaded Modules (Whitelisted) ==============

2018-06-06 16:01 - 2018-09-03 18:00 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 03:23 - 2016-09-14 03:23 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-08-10 15:43 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 15:42 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-03-13 19:24 - 2018-03-13 19:24 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-29 10:26 - 2018-08-29 10:26 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-410913589-2423398816-1494011779-1001\Control Panel\Desktop\\Wallpaper -> C:\Fotky\hs-2011-11-a-1920x1200_wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F863534E-910C-4997-92F3-8102B685EB63}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{DC080F79-B308-4B92-981B-EDBF26657EF7}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{16588568-68EC-4A27-91DC-8B670FDA3FC6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9608A5D6-B31B-4B9F-8FE7-323A804E3287}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{43DA92CC-4C55-41DC-8234-6BF7EA04E00B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6983CD84-C770-435A-A011-5A70003C03A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EB9820E1-1D07-47F5-843D-1C1C6C302212}] => (Allow) C:\Users\martas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{30E03375-41ED-4EF4-88FB-3A39349829D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E5C6D8FE-1C33-4A08-9238-6FC43EF439A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D527AD23-2FDF-4448-B320-6D44AB1D5D5B}] => (Allow) C:\Program Files (x86)\Opera\54.0.2952.71\opera.exe
FirewallRules: [{1C2D9997-7E4A-4C28-B7E3-C28DDB6EB700}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D464B28B-B6FF-44BA-949A-0888F5EF31EE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{6F144145-A464-43B9-AA8B-5D673F279D4F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F2E5491B-C8C1-4816-A6F6-43BD4A4A87CA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0638D227-DF18-4470-83AB-0E3221ACCE94}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe

==================== Restore Points =========================

01-07-2018 19:47:38 Scheduled Checkpoint
09-07-2018 18:08:59 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2018 04:53:08 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem Recovery phase failed.

Context: Windows Application, SystemIndex Catalog

Details:
The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23)

Error: (09/07/2018 04:53:08 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Ve fázi obnovování služby Windows Search došlo k chybě s ID 1邐10. Restartujte službu. Pokud tato chyba potrvá, vytvořte index znovu.

Context: Windows Application, SystemIndex Catalog

Details:
The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23)

Error: (09/07/2018 04:53:05 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (09/07/2018 04:53:05 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <20, 0x80071a91, >.

Error: (09/07/2018 04:52:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (09/07/2018 04:43:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (09/07/2018 04:43:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (09/07/2018 04:41:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program hitmanpro_x64 (1).exe verze 3.8.0.295 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: fe8

Čas spuštění: 01d446b87a340f72

Čas ukončení: 0

Cesta k aplikaci: C:\Users\martas\Downloads\hitmanpro_x64 (1).exe

ID hlášení: 196015f4-b2ac-11e8-862d-08606e86bfa0

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/07/2018 04:53:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (09/07/2018 04:53:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Podpora transakcí v rámci zadaného správce prostředků nebyla spuštěna nebo byla vypnuta z důvodu chyby.

Error: (09/07/2018 04:39:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (09/07/2018 04:39:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Podpora transakcí v rámci zadaného správce prostředků nebyla spuštěna nebo byla vypnuta z důvodu chyby.

Error: (09/07/2018 04:18:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (09/07/2018 04:18:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Podpora transakcí v rámci zadaného správce prostředků nebyla spuštěna nebo byla vypnuta z důvodu chyby.

Error: (09/07/2018 04:14:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (09/07/2018 04:14:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Podpora transakcí v rámci zadaného správce prostředků nebyla spuštěna nebo byla vypnuta z důvodu chyby.


CodeIntegrity:
===================================

Date: 2018-03-13 18:24:47.294
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 18:24:47.105
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 18:22:56.444
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 18:22:51.343
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 18:22:51.166
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 14:20:50.489
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-13 14:20:50.474
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-12 19:37:59.647
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 27%
Total physical RAM: 8143.65 MB
Available physical RAM: 5924.36 MB
Total Virtual: 9423.65 MB
Available Virtual: 7263.9 MB

==================== Drives ================================

Drive c: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:102.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:536.52 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8A55DA83)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 379EE3BB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

-------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-07-2018
# Duration: 00:00:19
# OS: Windows 8.1 Pro
# Cleaned: 29
# Failed: 0


***** [ Services ] *****

Deleted scan

***** [ Folders ] *****

Deleted C:\ProgramData\PARETOLOGIC
Deleted C:\Program Files (x86)\PARETOLOGIC
Deleted C:\Program Files (x86)\Common Files\PARETOLOGIC
Deleted C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PARETOLOGIC

***** [ Files ] *****

Deleted C:\Users\martas\Desktop\ParetoLogic PC Health Advisor.lnk
Deleted C:\Users\martas\Downloads\SpyHunter-Installer.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\PC Health Advisor Defrag.job
Deleted C:\Windows\Tasks\PC Health Advisor.job

***** [ Registry ] *****

Deleted HKCU\Software\ParetoLogic
Deleted HKLM\Software\Wow6432Node\ParetoLogic
Deleted HKLM\Software\Classes\CLSID\{94915A56-4D71-4F85-B59C-CC040F5AC6F0}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted HKLM\Software\Classes\Interface\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted HKLM\Software\Classes\CLSID\{4ABDD67C-44E3-42E0-816D-D7F0E54761DF}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted HKLM\Software\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted HKLM\Software\Classes\TypeLib\{34F4FEAF-4921-4B5D-8BE5-CA384BFFC2CE}
Deleted HKLM\Software\Classes\CLSID\{E5AFF088-92F8-41a9-8CAB-E9CDCCE967AC}
Deleted HKLM\Software\Classes\CLSID\{6DFC0DC7-FDC5-44C2-8B80-5977BA8F8ACC}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Classes\CLSID\{65416821-217D-44BD-9C61-F53398FB1B46}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}
Deleted HKLM\SOFTWARE\Classes\Unknown\shell\openas\command|PC Health Advisor.old
Deleted HKLM\Software\Wow6432Node\BDSERVICES\APPS\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Skiareál Telnice
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3710 octets] - [07/09/2018 17:31:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by martas (administrator) on POCITAC (07-09-2018 18:58:43)
Running from C:\Users\martas\Desktop
Loaded Profiles: martas (Available Profiles: martas)
Platform: Windows 8.1 Pro (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Care Solutions (ParetoLogic)) C:\Program Files\BDServices\BitDefenderCOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-29] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\Run: [AdobeBridge] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] ()
Startup: C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-04-27]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{483C3A77-A667-4CBC-8E89-A5CC4B3B4AE0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-12-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-29] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-29] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-29] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-12-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-410913589-2423398816-1494011779-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\martas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default [2018-09-07]
CHR Extension: (Adblock Plus) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-30]
CHR Extension: (Adobe Acrobat) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-24]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-22]
CHR Extension: (Avast Online Security) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-26]
CHR Profile: C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Translator) - C:\Users\martas\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2018-08-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-29] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-29] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1039352 2018-02-26] (Digital Care Solutions (ParetoLogic))
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7780528 2018-01-15] (Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [136512 2018-09-07] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-29] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-29] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-29] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-29] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-29] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-29] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163272 2018-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-29] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215728 2018-09-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-29] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-09-07] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-07] (Malwarebytes)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-02-23] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-07 18:58 - 2018-09-07 18:58 - 000014693 _____ C:\Users\martas\Desktop\FRST.txt
2018-09-07 17:28 - 2018-09-07 17:31 - 000000000 ____D C:\AdwCleaner
2018-09-07 17:28 - 2018-09-07 17:28 - 007571152 _____ (Malwarebytes) C:\Users\martas\Downloads\adwcleaner_7.2.3.1.exe
2018-09-07 16:53 - 2018-09-07 18:56 - 000000000 ____D C:\FRST
2018-09-07 16:52 - 2018-09-07 16:52 - 002413056 _____ (Farbar) C:\Users\martas\Desktop\FRST64.exe
2018-09-07 16:24 - 2018-09-07 17:33 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-09-07 16:24 - 2018-09-07 16:38 - 000001916 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-09-07 16:24 - 2018-09-07 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-09-07 16:24 - 2018-09-07 16:24 - 000000000 ____D C:\Program Files\HitmanPro
2018-09-07 16:23 - 2018-09-07 16:24 - 000000000 ____D C:\ProgramData\HitmanPro
2018-09-07 12:29 - 2018-09-07 12:29 - 000000448 _____ C:\Windows\Tasks\PC Health Advisor Update.job
2018-09-07 12:28 - 2018-09-07 16:00 - 000000000 ____D C:\Program Files\BDServices
2018-09-07 12:06 - 2018-09-07 12:06 - 000000000 ____D C:\Users\martas\AppData\Local\mbam
2018-09-03 18:01 - 2018-09-07 17:32 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-03 15:18 - 2018-09-03 15:18 - 005538887 _____ C:\Users\martas\Downloads\pracovni-listy-09.pdf
2018-09-01 19:48 - 2018-09-01 20:27 - 733745682 _____ C:\Users\martas\Downloads\Chceš mě, chci tě (2009 CZdab)..avi
2018-09-01 18:19 - 2018-09-01 19:01 - 778352640 _____ C:\Users\martas\Downloads\POD-JEDNOU-STRECHOU---CZ-dvdrip.avi
2018-09-01 13:10 - 2018-09-01 15:34 - 2659449451 _____ C:\Users\martas\Downloads\PŘÍŠERKY SRO 2001 CZ DUBBING.mkv
2018-09-01 12:27 - 2018-09-01 12:27 - 000027826 _____ C:\Users\martas\Downloads\kostky---pravidla.pdf
2018-08-29 17:54 - 2018-08-29 20:42 - 3077603328 _____ C:\Users\martas\Downloads\Bolt.Pes.Pro.Kazdy.Pripad_CZ_dabing_Top_kvalita_KIM.CZ.avi.crdownload
2018-08-29 10:27 - 2018-08-29 10:27 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-14 15:56 - 2018-08-14 15:56 - 000129716 _____ C:\Users\martas\Downloads\hausaufgaben_modul_3_cz.pdf
2018-08-13 23:59 - 2018-08-28 22:41 - 000000000 ____D C:\Users\martas\AppData\Local\CrashDumps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-07 17:47 - 2016-11-11 16:54 - 000000000 ____D C:\Users\martas\AppData\Local\Adobe
2018-09-07 17:41 - 2016-11-05 16:31 - 000000000 ____D C:\Program Files (x86)\Opera
2018-09-07 17:32 - 2016-11-05 16:14 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-09-07 17:32 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-06 19:49 - 2016-11-05 20:23 - 000000000 ____D C:\Users\martas\AppData\Roaming\vlc
2018-09-06 18:12 - 2016-11-06 10:45 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-05 21:41 - 2017-12-22 04:07 - 000000000 ____D C:\Users\martas\AppData\Roaming\XnView
2018-09-05 21:23 - 2016-11-05 14:47 - 000000000 ____D C:\Users\martas
2018-09-05 18:30 - 2016-11-06 10:45 - 000215728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-04 18:20 - 2016-11-06 10:45 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-03 20:13 - 2016-05-15 09:55 - 000000000 ____D C:\Users\martas\Desktop\Montessori
2018-09-03 18:00 - 2017-04-29 15:54 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-02 20:36 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-01 16:00 - 2018-03-14 17:46 - 000000000 ____D C:\Users\martas\Desktop\terapie
2018-08-31 15:03 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-29 18:59 - 2015-03-03 00:32 - 000000000 ____D C:\Pohádky
2018-08-29 10:29 - 2016-11-06 10:45 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-08-29 10:27 - 2017-11-20 17:10 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000163272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-08-29 10:27 - 2016-11-06 10:45 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-08-29 10:26 - 2016-11-06 10:45 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-08-29 10:25 - 2017-12-28 02:22 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-08-29 10:25 - 2017-03-17 20:50 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-26 11:48 - 2017-03-04 06:11 - 000002374 _____ C:\Users\martas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-08-23 01:59 - 2016-11-05 16:25 - 000704248 _____ C:\Windows\system32\perfh005.dat
2018-08-23 01:59 - 2016-11-05 16:25 - 000143628 _____ C:\Windows\system32\perfc005.dat
2018-08-23 01:59 - 2016-11-05 14:44 - 001658450 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-22 16:17 - 2018-04-05 14:36 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-22 16:17 - 2018-04-05 14:36 - 000002417 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-18 14:12 - 2017-05-24 10:55 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-10 15:44 - 2017-05-04 23:05 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 15:44 - 2017-05-04 23:05 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2017-01-23 13:01 - 2017-01-23 13:02 - 000000132 _____ () C:\Users\martas\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-12-19 03:12 - 2017-12-19 03:12 - 000001480 _____ () C:\Users\martas\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-04-30 14:07 - 2017-04-30 14:07 - 000000017 _____ () C:\Users\martas\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2016-11-18 13:56 - 2015-03-05 09:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\martas\AppData\Local\Temp\AdobeApplicationManager.exe
2017-04-29 15:47 - 2017-04-29 15:47 - 000739904 _____ (Oracle Corporation) C:\Users\martas\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-03-02 21:52 - 2015-07-31 16:06 - 000242864 ____R (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\ose00000.exe
2017-03-02 22:08 - 2015-07-31 16:06 - 000242864 ____R (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\ose00001.exe
2017-03-22 00:04 - 2017-03-22 00:04 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole1662434896599758537.dll
2017-03-22 00:08 - 2017-03-22 00:08 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole3189023915511549807.dll
2017-03-22 00:11 - 2017-03-22 00:11 - 000040448 ____N () C:\Users\martas\AppData\Local\Temp\proxy_vole8214625168139902872.dll
2018-03-02 01:46 - 2018-03-02 01:46 - 000280328 _____ (ParetoLogic, Inc.) C:\Users\martas\AppData\Local\Temp\uninstall.exe
2017-07-01 18:20 - 2017-07-01 18:20 - 014456872 _____ (Microsoft Corporation) C:\Users\martas\AppData\Local\Temp\vc_redist.x86.exe
2017-11-21 01:51 - 2017-11-21 01:51 - 030950664 _____ () C:\Users\martas\AppData\Local\Temp\vlc-2.2.6-win32.exe
2018-06-12 01:11 - 2018-06-12 01:11 - 040184976 _____ () C:\Users\martas\AppData\Local\Temp\vlc-3.0.3-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-17 09:35

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\Run: [AdobeBridge] => [X]
C:\Users\martas\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Omlouvám se. Možná jsem udělal chybu, připadalo mě, že se to seklo, tak jsem ten program zastavil a pustil znovu od začátku, to ale vypadalo, že to jen dokončil restartem a výpisem. Nicméně se sám spustil chrome po restartu a vyskočilo okno clearload.bit kvůli kterému jsem tady.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by martas (07-09-2018 20:36:07) Run:2
Running from C:\Users\martas\Desktop
Loaded Profiles: martas (Available Profiles: martas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-410913589-2423398816-1494011779-1001\...\Run: [AdobeBridge] => [X]
C:\Users\martas\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKU\S-1-5-21-410913589-2423398816-1494011779-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => not found

"C:\Users\martas\AppData\Local\Temp" folder move:

Could not move "C:\Users\martas\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2103976 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -704 B
Edge => 0 B
Chrome => 8461322 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 781 B
NetworkService => 0 B
martas => 10003 B

RecycleBin => 26156157 B
EmptyTemp: => 43 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-09-2018 20:51:22)

C:\Users\martas\AppData\Local\Temp => Could not move

==== End of Fixlog 20:51:24 ====

OK. Nastala nějaká změna?

No právěže se zase sám od sebe spustil chrome, což by neměl a naskočily stránky clearload.bit což je nějaký bordel.

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.bleepingcomputer.com/downlo ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by martas on p  07. 09. 2018 at 22:05:38,22.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\martas\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7. 9. 2018 22:12:07 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Common Files\AV deleted successfully
C:\Users\martas\AppData\Roaming\.minecraft deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\found.005 deleted
C:\found.006 deleted
C:\found.007 deleted
C:\found.008 deleted
C:\found.009 deleted
C:\found.010 deleted
C:\found.011 deleted
C:\found.013 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\martas\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\martas\AppData\LocalLow\Unity deleted
C:\Windows\tasks\PC Health Advisor Update.job deleted
"C:\Users\martas\AppData\Local\AVAST Software\APM\martas\kv_pam.db" not deleted
"C:\found.012" deleted
"C:\Users\martas\AppData\Local\AVAST Software" not deleted
"C:\Users\martas\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\martas\AppData\Local\AVAST Software\APM\martas" not deleted

==== Firefox XPI-files found: ======================

- Undetermined - C:\Program Files\Adobe\Adobe Audition CC 2015\MXFHandler.xpi
- Undetermined - C:\Program Files\Adobe\Adobe Audition CC 2015\REDHandler.xpi
- Undetermined - C:\Program Files\Adobe\Adobe Audition CC 2015\Plug-Ins\XMPFiles\MXFHandler.xpi
- Undetermined - C:\Program Files\Adobe\Adobe Audition CC 2015\Plug-Ins\XMPFiles\REDHandler.xpi
- __MSG_avastAppName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================

Google Chrome Version: 68.0.3440.106
Opera Browser Version: 54.0.2952.71
Opera Browser Version: 55.0.2994.44

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Avast Online Security - martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - martas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Translator - martas\Appdata\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\martas\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\martas\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
C:\Users\martas\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\martas\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\martas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\martas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\martas\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\martas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1485 folders=612 3193400448 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\martas\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\martas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\martas\AppData\Local\AVAST Software\APM\martas\kv_pam.db" not found
"C:\Users\martas\AppData\Local\AVAST Software" not found

==== EOF on p  07. 09. 2018 at 22:58:53,20 ======================

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Pro x64
Ran by martas (Administrator) on p  07. 09. 2018 at 23:14:52,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  07. 09. 2018 at 23:20:49,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tak ráno jsem to zapnul a pořád stejná písnička. Nezmizelo to.

Zkusíme ještě Chrome přeinstalovat. Chrome zazálohujte pomocí ChromeBackup: http://www.stahuj.cz/internet_a_site/pr ... me-backup/ . Pak chrome lompletně odinstalujte vč. jeho profilu (podadresáře Chrome v c:\users\martas\appdata\local, c:\users\martas\appdata\roaming, c:\users\martas\data aplikací, c:\users\martas\local settings a v c:\program data musí být smazány). Potom znova Chrome nainstalujte a zpět ze zálohy nakopírujte pouze záložky a hesla.