Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by Pavel-BLACK PC (06-02-2021 08:18:11)
Running from C:\Users\Pavel-BLACK PC\Downloads
Windows 10 Pro Version 20H2 19042.631 (X64) (2021-02-06 03:12:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3026336146-1677301123-4024542510-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3026336146-1677301123-4024542510-503 - Limited - Disabled)
Guest (S-1-5-21-3026336146-1677301123-4024542510-501 - Limited - Disabled)
Pavel-BLACK PC (S-1-5-21-3026336146-1677301123-4024542510-1001 - Administrator - Enabled) => C:\Users\Pavel-BLACK PC
WDAGUtilityAccount (S-1-5-21-3026336146-1677301123-4024542510-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Dr.Web Security Space (Enabled - Up to date) {0A56AC17-36B3-8320-3A3C-9B74469F0756}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Dr.Web Firewall (Enabled) {326D2D32-7CDC-8278-1163-3241B84C402D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
FreeFixer (HKLM-x32\...\FreeFixer1.19) (Version: 1.19 - Kephyr)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft OneDrive (HKU\S-1-5-21-3026336146-1677301123-4024542510-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.2 - Notepad++ Team)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-06] (NVIDIA Corp.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2019-12-07] (Skype)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-12-31] (Notepad++ -> )
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\nvshext.dll [2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3026336146-1677301123-4024542510-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.111.1.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{020D1F90-EF99-4800-9BE4-EF8EBD6920AA}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{AED54770-A29A-4E41-B5F3-256EF4F725D1}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{2CAC0EE8-092C-4052-BF83-DE1716BC72AE}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{D734B240-3C5B-4F9C-ADC2-26C1EF9A9955}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:58.11 GB) (52%)

==================== Faulty Device Manager Devices ============

Name: Řadič sběrnice SM 
Description: Řadič sběrnice SM 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/06/2021 07:39:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/06/2021 06:36:58 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/06/2021 05:22:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: gmer.exe, verze: 2.2.19882.0, časové razítko: 0x56e2cdca
Název chybujícího modulu: gmer.exe, verze: 2.2.19882.0, časové razítko: 0x56e2cdca
Kód výjimky: 0xc0000005
Posun chyby: 0x0008dbb4
ID chybujícího procesu: 0xb5c
Čas spuštění chybující aplikace: 0x01d6fc3f86103322
Cesta k chybující aplikaci: C:\Users\Pavel-BLACK PC\Desktop\gmer.exe
Cesta k chybujícímu modulu: C:\Users\Pavel-BLACK PC\Desktop\gmer.exe
ID zprávy: 8e11e940-d9f5-466f-b382-4a38d7a8cdba
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/06/2021 04:55:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/06/2021 04:17:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (02/06/2021 04:15:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

Error: (02/06/2021 04:12:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (02/06/2021 06:36:31 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000ef (0xffff9404e143d040, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 35929552-e133-431a-b4bf-92d12ea62968

Error: (02/06/2021 06:36:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (6:00:59, ‎06.‎02.‎2021) bylo neočekávané.

Error: (02/06/2021 06:34:46 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/06/2021 06:34:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru: 
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/06/2021 06:34:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/06/2021 06:34:24 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru: 
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (02/06/2021 06:34:22 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/06/2021 06:34:13 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-QPUH97D)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}


CodeIntegrity:
===================================

Date: 2021-02-06 07:40:06.4280000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 07:40:06.4230000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 07:40:06.4140000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 06:40:32.9250000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 06:40:32.9200000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 06:40:32.8250000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-06 06:39:34.4850000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-06 06:39:34.4770000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2907 03/11/2016
Motherboard: ASUSTeK COMPUTER INC. Z97-P
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 20%
Total physical RAM: 24513.75 MB
Available physical RAM: 19439.23 MB
Total Virtual: 28481.75 MB
Available Virtual: 22747.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:58.11 GB) NTFS
Drive d: (ESD-USB) (Removable) (Total:29.28 GB) (Free:6.81 GB) FAT32

\\?\Volume{a97c72ee-4879-42dd-b476-fdfc7934bd05}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{8108e1fc-5a3a-4431-817c-97f33541e58e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 29.3 GB) (Disk ID: 636B180A)
Partition 1: (Active) - (Size=29.3 GB) - (Type=0C)

==================== End of Addition.txt =======================