Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-11-2020
Ran by pepin (11-11-2020 17:38:09)
Running from C:\Users\pepin\Downloads
Windows 10 Pro Version 2009 19042.572 (X64) (2020-10-22 17:52:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-139061250-2846365895-4098680197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139061250-2846365895-4098680197-503 - Limited - Disabled)
Guest (S-1-5-21-139061250-2846365895-4098680197-501 - Limited - Disabled)
pepin (S-1-5-21-139061250-2846365895-4098680197-1002 - Administrator - Enabled) => C:\Users\pepin
WDAGUtilityAccount (S-1-5-21-139061250-2846365895-4098680197-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Gears of War" (HKLM-x32\...\{7E1AD7D5-AF24-46DF-A58E-C188AA968B7E}_is1) (Version: 1.0.3340.131 - )
«Silent Hill 3» (HKLM-x32\...\{1BB08BE8-6DCA-41DE-9FFD-1C5819B662DD}_is1) (Version:  - Konami Computer Entertainment Tokyo, Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike Global Offensive WaRzOnE (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\CSGO) (Version:  - CS WaRzOnE)
Crysis (HKLM-x32\...\Crysis) (Version:  - )
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hellspy Upload Klient verze 1.0.1 (HKLM-x32\...\{51EB63D9-C679-44D3-8718-E2F083546FBD}_is1) (Version: 1.0.1 - Hellspy.cz)
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia 2 (HKLM-x32\...\Mafia 2_is1) (Version:  - )
Mafia Game (HKLM-x32\...\Mafia Game) (Version:  - )
Malwarebytes version 4.2.2.95 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.2.95 - Malwarebytes)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mp3 Editor for Free v5.2.7 Build 79 (HKLM-x32\...\Mp3 Editor for Free_is1) (Version: 5.2.7 Build 79 - Mp3EditorforFree Ltd.)
NVIDIA Ovladače grafiky 452.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.11 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Opera GX Stable 71.0.3770.323 (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\Opera GX 71.0.3770.323) (Version: 71.0.3770.323 - Opera Software)
Opera Stable 72.0.3815.320 (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\Opera 72.0.3815.320) (Version: 72.0.3815.320 - Opera Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Skype verze 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Tony Hawk's Pro Skater HD_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
uTorrent Web (HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\utweb) (Version: 1.1.1 - BitTorrent, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-10-23] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-139061250-2846365895-4098680197-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\pepin\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\MicrosoftListSync.exe => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_b4ad56f74ce1544f\nvshext.dll [2020-10-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2020-09-11 17:31 - 2020-09-11 17:31 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-04-12 11:25 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-139061250-2846365895-4098680197-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-10-12 12:08:41&bName=
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-05-28 05:46 - 000000878 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\pepin\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0297.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-139061250-2846365895-4098680197-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4D0915B1-09B3-4E60-AF3E-250FCD054D04}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{614742DA-278D-435B-9EC9-39C719015DA3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{3719A2E7-2EF4-404C-A15B-EE0096AAAAB2}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [TCP Query User{A66F1E10-79A1-4794-9906-45829E418282}C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe] => (Allow) C:\users\pepin\appdata\local\plarium\plariumplay\standaloneapps\raid\224\raid.exe => No File
FirewallRules: [{124E88C3-8785-4CA2-86B6-C2B2060A2535}] => (Allow) C:\Users\pepin\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{5DE85F20-EACF-4E1E-ACC6-6B86B289669B}] => (Allow) C:\Users\pepin\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{8A8E4B94-69E6-49E5-A16A-66ED3F21926D}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [TCP Query User{2E3CB7E5-1E16-46CA-98F3-4078F4032B13}C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\70.0.3728.178\opera.exe => No File
FirewallRules: [UDP Query User{A2729722-2BCF-430C-8027-11B4BFA59E45}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [TCP Query User{9E5FAC43-8701-471D-9178-651BBBC76D11}C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{3E15A141-575D-4CBB-A869-2DDD795A26D3}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{C41211A9-81B4-47F6-BFBE-4A8E073200CC}C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{92FEFC80-C835-43E6-BD0F-A767FA17971B}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{FDE72AB2-6043-41CF-8FCD-13791B0ED3DA}C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{AA475711-C3DA-4FC0-964E-939B291394C1}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{40FFE1BF-342B-426C-8AC7-F67FE519CBD3}C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\pepin\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [{08CB627B-41BF-4F33-9C6D-F8D15E861E72}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe => No File
FirewallRules: [{0818D8BA-FE74-4894-9487-3645A8265C0A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe => No File
FirewallRules: [{DF349A1B-0521-4758-BF55-43DC8FC8D867}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{31D621E9-B9B5-4266-A387-6C81B06BC8E9}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{9EC2FF97-A932-48AD-AF82-B0F620C12ECD}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{7E679176-BFE2-4EEA-8EFA-D264622A6455}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{951EA67A-C02C-4F72-ADF8-E6F8E9DBD1EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7EDBCACC-5155-49D0-90D8-635E73A7C567}] => (Allow) C:\Users\pepin\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
FirewallRules: [{1E3AD0DA-547D-40A3-A991-DA09C55B16C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BB35EF4-FEDD-4B3A-8479-18E08280A16B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{F82433E9-3E65-4268-8A79-4D15614C18D0}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe () [File not signed]
FirewallRules: [UDP Query User{1D23A463-471A-4FD9-9E16-8DA014CA00A8}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe () [File not signed]
FirewallRules: [TCP Query User{CD86292D-7C81-4EFD-A9A3-7CD8E878FC34}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{5F5574FD-DE3D-420C-BE7F-3C95C99A859E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{47DF0615-5499-42C9-84F2-5681A3591016}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{F7A968BF-55BE-4ACE-9829-DB8C45E07011}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{1C6D650F-2B2C-4219-A885-DDFDB400B9F5}] => (Allow) C:\Games\Gears of War\Binaries\WarGame-G4WLive.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D03980AF-466F-4D4D-8E01-4E0B6DB77EC0}] => (Allow) C:\Games\Gears of War\Binaries\WarGame-G4WLive.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D2336DE4-8405-4FF6-8276-7C05F62E1BB9}C:\users\pepin\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{71EC2401-2158-4E50-A575-5EADC3E95D2C}C:\users\pepin\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\pepin\appdata\local\programs\opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{640E9C98-3673-4804-B266-94721CF8C1E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EA75B1E-C03F-4B4C-9CA2-3261DCC047FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD277FD6-7703-47D6-8520-076D143FF424}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2152E2A-A69A-4E8B-A777-2A33C71D8487}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.74.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B7115758-E5F7-4B5A-B1EF-0BBD0EC462E9}C:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{D4A919AE-BF7E-42E3-B68B-024D308C4A53}C:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [{E7F1451B-BF12-4EDB-A255-EBBD827DCD77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-11-2020 19:19:57 Naplánovaný kontrolní bod
08-11-2020 20:13:31 Removed Java 8 Update 271
11-11-2020 16:45:01 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/10/2020 09:20:57 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru  z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program autorun.exe.

Program: autorun.exe
Soubor: 

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
	- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
	- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C0000102
Typ disku: 0

Error: (11/10/2020 09:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: autorun.exe_unknown, verze: 0.0.0.0, časové razítko: 0x4d7e2400
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.546, časové razítko: 0xd49544eb
Kód výjimky: 0xc0000006
Posun chyby: 0x00068788
ID chybujícího procesu: 0xb60
Čas spuštění chybující aplikace: 0x01d6b79db635c426
Cesta k chybující aplikaci: G:\Autorun\autorun.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 92040c95-8dce-4f6d-b7d0-1f5780ab1947
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/10/2020 09:20:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (11/08/2020 08:14:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/08/2020 08:14:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/08/2020 08:14:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/08/2020 08:14:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/08/2020 08:14:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (11/11/2020 02:17:12 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (11/10/2020 07:20:05 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (11/10/2020 07:00:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETR2PAM)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/10/2020 06:59:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_2841126 byla ukončena s následující chybou: 
Zařízení není připraveno.

Error: (11/09/2020 10:13:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETR2PAM)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 02:17:12 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (11/09/2020 10:57:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETR2PAM)
Description: Server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/09/2020 10:57:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_e6862a byla ukončena s následující chybou: 
Zařízení není připraveno.


Windows Defender:
===================================
Date: 2020-11-11 17:37:42.5340000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PiriformBundler&threatid=277517&enterprise=0
Název: PUA:Win32/PiriformBundler
ID: 277517
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\pepin\Downloads\spsetup132.exe; file:_C:\Users\pepin\Downloads\spsetup132.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Users\pepin\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.327.741.0, AS: 1.327.741.0, NIS: 1.327.741.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-11 06:09:35.3320000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EAF23434-97AF-4374-8319-1B7C4C158D71}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-10 20:22:27.8210000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/Obfuscator.XZ&threatid=2147625929&enterprise=0
Název: VirTool:Win32/Obfuscator.XZ
ID: 2147625929
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_C:\Users\pepin\OneDrive\Plocha\Crysis 3.0\Bin32\CryEA.dll
Původ detekce: Místní počítač
Typ detekce: Heuristika
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.327.691.0, AS: 1.327.691.0, NIS: 1.327.691.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-10 07:09:28.7700000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AD58C380-B442-491A-82CD-9B7614BE86EB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-09 21:36:05.1420000Z
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Presenoker&threatid=242420&enterprise=0
Název: PUA:Win32/Presenoker
ID: 242420
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pepin\AppData\Local\Temp\nsm8AFE.tmp\mixer.exe; file:_C:\Users\pepin\AppData\Local\Temp\nsqCA3E.tmp\mixer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-ETR2PAM\pepin
Název procesu: C:\Users\pepin\AppData\Local\Temp\RarSFX0\Crysis3.exe
Verze bezpečnostních informací: AV: 1.327.628.0, AS: 1.327.628.0, NIS: 1.327.628.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

Date: 2020-11-08 19:56:03.9700000Z
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2020-11-08 15:55:27.9990000Z
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2020-11-07 05:53:05.8710000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.473.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání. 

==================== Memory info =========================== 

BIOS: Hewlett-Packard K01 v02.90 07/16/2013
Motherboard: Hewlett-Packard 3397
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 83%
Total physical RAM: 4040.48 MB
Available physical RAM: 686.17 MB
Total Virtual: 10184.48 MB
Available Virtual: 3126.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.77 GB) (Free:116.94 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:1.41 GB) NTFS
Drive g: (Crysis_Disk2) (CDROM) (Total:3.44 GB) (Free:0 GB) UDF

\\?\Volume{4592b0e6-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{4592b0e6-0000-0000-0000-605074000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4592B0E6)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 714C9453)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================