Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-10-2020
Ran by lvoch (25-10-2020 18:24:07)
Running from C:\Users\lvoch\Desktop
Microsoft Windows 10 Home Version 2009 19042.572 (X86) (2020-10-24 21:44:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4020057098-1270663766-1106944411-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4020057098-1270663766-1106944411-503 - Limited - Disabled)
Guest (S-1-5-21-4020057098-1270663766-1106944411-501 - Limited - Disabled)
lvoch (S-1-5-21-4020057098-1270663766-1106944411-1001 - Administrator - Enabled) => C:\Users\lvoch
WDAGUtilityAccount (S-1-5-21-4020057098-1270663766-1106944411-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
DriverMax 12 (HKLM\...\DMX5_is1) (Version: 12.11.0.6 - Innovative Solutions)
IrfanView 4.56 (32-bit) (HKLM\...\IrfanView) (Version: 4.56 - Irfan Skiljan)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 86.0.622.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.135.49 - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4020057098-1270663766-1106944411-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 82.0 (x86 cs) (HKLM\...\Mozilla Firefox 82.0 (x86 cs)) (Version: 82.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.4.0 - Mozilla)
Mozilla Thunderbird 78.4.0 (x86 cs) (HKLM\...\Mozilla Thunderbird 78.4.0 (x86 cs)) (Version: 78.4.0 - Mozilla)
Zoom (HKU\S-1-5-21-4020057098-1270663766-1106944411-1001\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x86__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x86__kzf8qxf38zg5c [2019-12-07] (Skype)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-08-21 21:08 - 2015-08-21 21:08 - 000114688 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-21 21:08 - 2015-08-21 21:08 - 000095744 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2020-10-25 07:51 - 2020-10-25 07:51 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4020057098-1270663766-1106944411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.cz/
SearchScopes: HKU\S-1-5-21-4020057098-1270663766-1106944411-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 07:12 - 2019-12-07 07:10 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4020057098-1270663766-1106944411-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lvoch\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "GrooveMonitor"
HKU\S-1-5-21-4020057098-1270663766-1106944411-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{59F0ACC6-9A3C-49CF-AB82-8544156C84B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46052613-BA45-4D08-8AF8-EB3C0BE7385D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9C0F6AC0-AA4C-4534-92FC-F9FA0E9D72A9}] => (Allow) C:\Users\lvoch\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D7E487A7-9761-4F01-B815-1D1277C32888}] => (Allow) C:\Users\lvoch\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BA0D051B-46C7-40DA-B747-59D0F4C70AEC}] => (Allow) C:\Users\lvoch\AppData\Roaming\Zoom\bin\airhost.exe => No File

==================== Restore Points =========================

25-10-2020 12:17:34 DMX_DriverMax Driver Installation
25-10-2020 12:31:15 DMX_DriverMax Driver Installation

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2020 12:31:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/25/2020 12:17:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/25/2020 12:17:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {dccb5149-7c2f-49f5-8e01-a2b4f3560637}

Error: (10/25/2020 07:55:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WWAHost.exe verze 10.0.19041.488 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1aa8

Čas spuštění: 01d6aa9a22ea1590

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\WWAHost.exe

ID hlášení: bf46ab0c-590f-486c-8c5b-c135a5bb4d7c

Úplný název balíčku s chybou: Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x86__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.MicrosoftOfficeHub

Typ zablokování: Quiesce

Error: (10/25/2020 07:49:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2020 10:45:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/24/2020 10:11:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (10/25/2020 10:52:18 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LPMG1SC)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/25/2020 08:22:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace antimalwarové platformy programu Windows Defender Antivirus – KB4052623 (verze 4.18.2001.10).

Error: (10/24/2020 10:56:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LPMG1SC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/24/2020 10:56:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LPMG1SC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/24/2020 10:56:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LPMG1SC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/24/2020 10:56:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LPMG1SC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/24/2020 10:52:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Realtek Semiconduct Corp. driver update for Realtek PCIE CardReader.

Error: (10/24/2020 10:52:45 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: RtsPStor.sys


Windows Defender:
===================================
Date: 2020-10-25 18:15:48.5340000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.D!cl&threatid=2147723655&enterprise=0
Název: Trojan:Win32/Fuerboos.D!cl
ID: 2147723655
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\lvoch\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-LPMG1SC\lvoch
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.325.1391.0, AS: 1.325.1391.0, NIS: 1.325.1391.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-10-25 18:15:39.7010000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.D!cl&threatid=2147723655&enterprise=0
Název: Trojan:Win32/Fuerboos.D!cl
ID: 2147723655
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\lvoch\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-LPMG1SC\lvoch
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.325.1391.0, AS: 1.325.1391.0, NIS: 1.325.1391.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P11-A2L 09/14/2012
Motherboard: Acer Aspire Z1220
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 81%
Total physical RAM: 2786.13 MB
Available physical RAM: 524.93 MB
Total Virtual: 4066.13 MB
Available Virtual: 1616.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:81.03 GB) NTFS

\\?\Volume{00446f39-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{00446f39-0000-0000-0000-70d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 00446F39)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

==================== End of Addition.txt =======================