Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2020
Ran by pepin (08-11-2020 17:34:27)
Running from C:\Users\pepin\AppData\Local\Temp\scoped_dir8832_2073550795
Windows 10 Pro Version 2009 19042.572 (X64) (2020-10-22 17:52:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-139061250-2846365895-4098680197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139061250-2846365895-4098680197-503 - Limited - Disabled)
Guest (S-1-5-21-139061250-2846365895-4098680197-501 - Limited - Disabled)
pepin (S-1-5-21-139061250-2846365895-4098680197-1002 - Administrator - Enabled) => C:\Users\pepin
WDAGUtilityAccount (S-1-5-21-139061250-2846365895-4098680197-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Gears of War" (HKLM-x32\...\{7E1AD7D5-AF24-46DF-A58E-C188AA968B7E}_is1) (Version: 1.0.3340.131 - )
«Silent Hill 3» (HKLM-x32\...\{1BB08BE8-6DCA-41DE-9FFD-1C5819B662DD}_is1) (Version:  - Konami Computer Entertainment Tokyo, Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike Global Offensive WaRzOnE (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\CSGO) (Version:  - CS WaRzOnE)
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.183 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hellspy Upload Klient verze 1.0.1 (HKLM-x32\...\{51EB63D9-C679-44D3-8718-E2F083546FBD}_is1) (Version: 1.0.1 - Hellspy.cz)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia 2 (HKLM-x32\...\Mafia 2_is1) (Version:  - )
Mafia Game (HKLM-x32\...\Mafia Game) (Version:  - )
Malwarebytes version 4.2.2.95 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.2.95 - Malwarebytes)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mp3 Editor for Free v5.2.7 Build 79 (HKLM-x32\...\Mp3 Editor for Free_is1) (Version: 5.2.7 Build 79 - Mp3EditorforFree Ltd.)
NVIDIA Ovladače grafiky 452.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.11 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera GX Stable 71.0.3770.310 (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\Opera GX 71.0.3770.310) (Version: 71.0.3770.310 - Opera Software)
Opera Stable 72.0.3815.186 (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\Opera 72.0.3815.186) (Version: 72.0.3815.186 - Opera Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Skype verze 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Tony Hawk's Pro Skater HD_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
uTorrent Web (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\utweb) (Version: 1.1.1 - BitTorrent, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-10-23] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_b4ad56f74ce1544f\nvshext.dll [2020-10-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-139061250-2846365895-4098680197-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-10-12 12:08:41&bName=
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-05-28 05:46 - 000000878 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\pepin\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0297.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4D0915B1-09B3-4E60-AF3E-250FCD054D04}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{614742DA-278D-435B-9EC9-39C719015DA3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [{68BA38B6-1E77-4DC4-9FA4-FBB85245C99F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE4F012E-8C9D-4BE7-8CC6-1F8B42B97BCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F2AE004-9934-475A-A15C-064E03402BCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E17F5196-0FD2-4F0B-A590-8850985E68E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{124E88C3-8785-4CA2-86B6-C2B2060A2535}] => (Allow) C:\Users\pepin\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{5DE85F20-EACF-4E1E-ACC6-6B86B289669B}] => (Allow) C:\Users\pepin\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [{08CB627B-41BF-4F33-9C6D-F8D15E861E72}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe => No File
FirewallRules: [{0818D8BA-FE74-4894-9487-3645A8265C0A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe => No File
FirewallRules: [{DF349A1B-0521-4758-BF55-43DC8FC8D867}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{31D621E9-B9B5-4266-A387-6C81B06BC8E9}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9EC2FF97-A932-48AD-AF82-B0F620C12ECD}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{7E679176-BFE2-4EEA-8EFA-D264622A6455}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{951EA67A-C02C-4F72-ADF8-E6F8E9DBD1EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7EDBCACC-5155-49D0-90D8-635E73A7C567}] => (Allow) C:\Users\pepin\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
FirewallRules: [{1E3AD0DA-547D-40A3-A991-DA09C55B16C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BB35EF4-FEDD-4B3A-8479-18E08280A16B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{064880EC-4887-4F50-AB54-7DC9C29C1DC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F82433E9-3E65-4268-8A79-4D15614C18D0}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe () [File not signed]
FirewallRules: [UDP Query User{1D23A463-471A-4FD9-9E16-8DA014CA00A8}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe () [File not signed]
FirewallRules: [TCP Query User{CD86292D-7C81-4EFD-A9A3-7CD8E878FC34}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{5F5574FD-DE3D-420C-BE7F-3C95C99A859E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{47DF0615-5499-42C9-84F2-5681A3591016}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{F7A968BF-55BE-4ACE-9829-DB8C45E07011}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{1C6D650F-2B2C-4219-A885-DDFDB400B9F5}] => (Allow) C:\Games\Gears of War\Binaries\WarGame-G4WLive.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D03980AF-466F-4D4D-8E01-4E0B6DB77EC0}] => (Allow) C:\Games\Gears of War\Binaries\WarGame-G4WLive.exe (Epic Games Inc. -> Epic Games, Inc.)

==================== Restore Points =========================

05-11-2020 19:19:57 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears. Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears. Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/08/2020 04:03:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Probíhá vypnutí systému.
.

Error: (11/08/2020 03:26:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Startup.exe, verze: 1.18.0.0, časové razítko: 0x47320000
Název chybujícího modulu: Startup.exe, verze: 1.18.0.0, časové razítko: 0x47320000
Kód výjimky: 0xc0000005
Posun chyby: 0x00017ea1
ID chybujícího procesu: 0x1ed0
Čas spuštění chybující aplikace: 0x01d6b5db07a8885a
Cesta k chybující aplikaci: C:\Games\Gears of War\Binaries\Startup.exe
Cesta k chybujícímu modulu: C:\Games\Gears of War\Binaries\Startup.exe
ID zprávy: dcc11a1b-af2d-43e5-b469-add014e596de
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/07/2020 01:53:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Startup.exe, verze: 1.18.0.0, časové razítko: 0x47320000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x3ca4
Čas spuštění chybující aplikace: 0x01d6b504f2ce9780
Cesta k chybující aplikaci: C:\Users\pepin\OneDrive\Plocha\Geras of wars crack\2 Crack 1.1\Startup.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 073b6a89-39ec-4bcd-b8d8-0a34c953fcd2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/07/2020 01:48:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Startup.exe, verze: 1.19.0.0, časové razítko: 0x562b029a
Název chybujícího modulu: Startup.exe, verze: 1.19.0.0, časové razítko: 0x562b029a
Kód výjimky: 0xc0000005
Posun chyby: 0x00017ec1
ID chybujícího procesu: 0x268
Čas spuštění chybující aplikace: 0x01d6b5045120309f
Cesta k chybující aplikaci: C:\Games\Gears of War\Binaries\Startup.exe
Cesta k chybujícímu modulu: C:\Games\Gears of War\Binaries\Startup.exe
ID zprávy: 687c2a93-21a0-4b33-be0c-28aee5f42683
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/07/2020 01:45:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (11/07/2020 01:43:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (11/07/2020 06:01:16 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/07/2020 05:32:54 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (11/08/2020 05:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETR2PAM)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/08/2020 05:02:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6375e byla ukončena s následující chybou: 
Zařízení není připraveno.

Error: (11/08/2020 04:15:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pepin\AppData\Local\Temp\ehdrv.sys

Error: (11/08/2020 04:15:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (11/08/2020 04:15:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (11/08/2020 04:15:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pepin\AppData\Local\Temp\ehdrv.sys

Error: (11/08/2020 04:15:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (11/08/2020 04:15:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pepin\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2020-11-08 16:18:24.9420000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sulunch!rfn&threatid=2147746690&enterprise=0
Název: Trojan:Win32/Sulunch!rfn
ID: 2147746690
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Konami\Silent Hill 3\sh3w1.exe; file:_C:\Program Files (x86)\Konami\Silent Hill 3\sh3w2.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Users\pepin\AppData\Local\Temp\scoped_dir7664_1191569755\esetonlinescanner.exe
Verze bezpečnostních informací: AV: 1.327.527.0, AS: 1.327.527.0, NIS: 1.327.527.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-08 16:18:24.8760000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sulunch!rfn&threatid=2147746690&enterprise=0
Název: Trojan:Win32/Sulunch!rfn
ID: 2147746690
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Konami\Silent Hill 3\sh3w1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Users\pepin\AppData\Local\Temp\scoped_dir7664_1191569755\esetonlinescanner.exe
Verze bezpečnostních informací: AV: 1.327.527.0, AS: 1.327.527.0, NIS: 1.327.527.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-08 07:32:50.8240000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A169F855-6783-474B-9694-F822C42B579C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-07 07:32:50.2390000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FFF7D240-88B5-48A4-9917-3E8C236C9056}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-06 16:23:02.5110000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CryptInject!ml&threatid=2147760506&enterprise=0
Název: Trojan:Win32/CryptInject!ml
ID: 2147760506
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\pepin\AppData\Local\Temp\Rar$DIa16644.37654\Hack.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.327.417.0, AS: 1.327.417.0, NIS: 1.327.417.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-08 15:55:27.9990000Z
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2020-11-07 05:53:05.8710000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.473.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání. 

==================== Memory info =========================== 

BIOS: Hewlett-Packard K01 v02.90 07/16/2013
Motherboard: Hewlett-Packard 3397
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 83%
Total physical RAM: 4040.48 MB
Available physical RAM: 676.54 MB
Total Virtual: 10184.48 MB
Available Virtual: 5106.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.77 GB) (Free:159.69 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:1.41 GB) NTFS

\\?\Volume{4592b0e6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{4592b0e6-0000-0000-0000-605074000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4592B0E6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 714C9453)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================