Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Obchod (10-12-2021 15:04:50)
Running from C:\Users\Obchod\Desktop
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2021-04-02 01:44:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2166850603-1525175105-4254810413-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2166850603-1525175105-4254810413-503 - Limited - Disabled)
Guest (S-1-5-21-2166850603-1525175105-4254810413-501 - Limited - Disabled)
Obchod (S-1-5-21-2166850603-1525175105-4254810413-1001 - Administrator - Enabled) => C:\Users\Obchod
WDAGUtilityAccount (S-1-5-21-2166850603-1525175105-4254810413-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Automuter 2.2 (HKLM-x32\...\Automuter_is1) (Version: - automuter.com)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{35BEC446-269E-42E4-8EED-191A38CCFF3D}) (Version: 1.4.10.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{A3E44B1D-1AC1-414F-A7D4-0824E0A49F3A}) (Version: 3.9.1.245 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
DisplayLink Graphics (HKLM\...\{4359E6CE-7162-4B47-BE64-A0B82D47AA07}) (Version: 10.1.2875.0 - DisplayLink Corp.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.72 - PC-Doctor, Inc.) Hidden
FlatOut Demo (HKLM-x32\...\{4B682CF4-9B41-4297-8B13-968B28B864C6}) (Version: 1.01.0000 - Empire Interactive)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.97.416 - Digital Wave Ltd)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{06F94C28-DE1D-485F-AD91-333ACEB3F52D}) (Version: 1.6.100.32677 - Intel Corporation)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9669.4 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0 (x64 cs)) (Version: 95.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Python 3.9.2 (64-bit) (HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\{3973ea30-aa45-4804-9840-93a305a0d632}) (Version: 3.9.2150.0 - Python Software Foundation)
Python 3.9.2 Core Interpreter (64-bit) (HKLM\...\{1F050E31-5E11-4184-B791-8FD5070C55AA}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Development Libraries (64-bit) (HKLM\...\{EA736F6F-172B-4D18-831E-B5DFB2EA5057}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Documentation (64-bit) (HKLM\...\{FDD5FBD7-2E89-496E-B0CE-19FA26F3C347}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Executables (64-bit) (HKLM\...\{701FA3EE-56EB-422A-A2D9-FFFE12E53A5E}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 pip Bootstrap (64-bit) (HKLM\...\{ECCE5BC5-9400-4BB7-82F4-3699308CCC18}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Standard Library (64-bit) (HKLM\...\{D5638C16-6D72-4A80-B101-07B6B9C92273}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Tcl/Tk Support (64-bit) (HKLM\...\{0281F202-0833-49D8-8145-530021FF2CA2}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Test Suite (64-bit) (HKLM\...\{73AB4143-E6F9-4AFB-B0F5-B0AE869B37FB}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Python 3.9.2 Utility Scripts (64-bit) (HKLM\...\{D345FB80-FF7C-4DF0-B60A-924B7F7D1974}) (Version: 3.9.2150.0 - Python Software Foundation) Hidden
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.38 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Název společnosti:)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Serviio (HKLM\...\Serviio) (Version: 2.1 - Six Lines Ltd)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Název společnosti:)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1712.1201 - LG Electronics Inc.)
Spyrix Free Keylogger verze 1.5 (HKLM-x32\...\Spyrix Free Keylogger_is1) (Version: 1.5 - )
ToggleVOLUME (Remove Only) (HKLM-x32\...\ToggleVOLUME) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{43b93b9e-c8a2-489a-a6de-dce246573f68}) (Version: 7.0.2417.4248 - Lavasoft)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.656 - McAfee, LLC)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Alienware Pointing Devices -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynDellWPF_19005.17013.0.0_x64__807d65c4rvak2 [2021-12-09] (Synaptics Incorporated)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10042.0_x64__0a9344xs7nr4m [2021-12-10] (Advanced Micro Devices Inc.) [Startup Task]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2021-12-09] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-09] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.207.400.0_x86__kgqvnymyfvs32 [2021-12-09] (king.com)
CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2021-12-09] (CYBERLINK CORPORATION.)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.9.13.0_x64__htrsf667h5kn2 [2021-12-09] (Dell Inc)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-12-09] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.4.0_x64__nfy108tqq3p12 [2021-12-09] (Thumbmunkeys Ltd)
PlayTo TV -> C:\Program Files\WindowsApps\DayglowsInc.PlayToTV_3.0.4.0_x64__frmkx632fhvcr [2021-12-09] (Dayglows Inc)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2021-12-09] (Plex)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2021-12-09] (Ricoh Company, Ltd.)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2021-12-09] (Waves Audio)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2021-12-09] (WinZip Computing)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2166850603-1525175105-4254810413-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-10] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d00b147fae66a3d0\igfxDTCM.dll [2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-28] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Obchod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\vGet Cast (DLNA Controller).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ekdjofnchpbfmnfbedalmbdlhbabiapi
==================== Loaded Modules (Whitelisted) =============
2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-08-09 11:15 - 2016-08-09 11:15 - 000086016 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\dadkeyb.dll
2020-04-20 16:48 - 2020-04-20 16:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-20 16:48 - 2020-04-20 16:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2018-12-04 11:10 - 2018-12-04 11:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 16:17 - 2015-06-25 16:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 16:21 - 2015-06-25 16:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 16:14 - 2015-06-25 16:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 11:58 - 2015-07-02 11:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 04:13 - 2015-06-25 04:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 16:00 - 2015-06-25 16:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 16:23 - 2015-06-25 16:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 16:28 - 2015-06-25 16:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 16:16 - 2015-06-25 16:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 16:08 - 2015-06-25 16:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 15:59 - 2015-06-25 15:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:2F522D1F [116]
AlternateDataStreams: C:\ProgramData\Temp:8927A071 [464]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2166850603-1525175105-4254810413-1001 -> DefaultScope {9A083D8F-57ED-40A5-8AEC-2D7A3E3D0C04} URL =
SearchScopes: HKU\S-1-5-21-2166850603-1525175105-4254810413-1001 -> {9A083D8F-57ED-40A5-8AEC-2D7A3E3D0C04} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-12-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-11-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-12-10] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-03] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2021-03-07 13:05 - 000001554 ____H C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1
www.amateri.com
127.0.0.1 amateri.com
127.0.0.1
http://amateri.com/cs
127.0.0.1
https://www.amateri.com
127.0.0.1 twitter.com
127.0.0.1 badoo.com
127.0.0.1
www.badoo.com
127.0.0.1
http://badoo.com
127.0.0.1
http://www.badoo.com
127.0.0.1
https://badoo.com
127.0.0.1
https://www.badoo.com
127.0.0.1 facebook.com
127.0.0.1
www.facebook.com
127.0.0.1
http://facebook.com
127.0.0.1
http://www.facebook.com
127.0.0.1
https://www.facebook.com
127.0.0.1
https://www.facebook.com/
127.0.0.1
https://facebook.com
127.0.0.1 messenger.com
127.0.0.1
www.messenger.com
127.0.0.1
http://messenger.com
127.0.0.1
http://www.messenger.com
127.0.0.1
https://messenger.com
127.0.0.1 htpps://
www.messenger.com
127.0.0.1 xvideos.com
127.0.0.1 pornhub.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Obchod\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20210411_205301.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2166850603-1525175105-4254810413-1001\...\StartupApproved\Run: => "ut"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{59868B0A-DE52-497C-AD39-86B59F895E75}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{0867AEDC-795F-4956-855E-F0944208FD70}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{58DD433F-D567-4277-9601-CAE20C48CE80}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{89420073-DC9C-4CC5-B398-31584D335D33}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{0E7C65D7-4245-42EB-B148-1C129ECA088E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{128CD2FD-F756-48CE-8121-4AB5BDC15310}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AACF42BA-8FB1-4F7F-95B9-CCF76A68866A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09B0879C-9D59-423A-A222-E07E0DB7334E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA0D0451-5A95-4C2C-90F1-5C818EF5B8AD}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [File not signed]
FirewallRules: [{A1A54025-008F-4BBD-A8D0-F94C46CE5889}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{306453EC-9988-4D11-8903-ADC514E05C7B}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [UDP Query User{59F29604-38D3-4A4F-AA30-C5C1CB30BA43}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B53F017B-10CD-424A-8AF2-3EF682003503}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A1AD65D-D2B4-4E38-AA56-FCE9545066FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF9FC6E9-14AD-471D-A0CE-DFC1994C840A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{11775C10-8BC4-44BB-AA7E-84DD4595DD1C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{74B35F4E-C957-4260-A97D-8400C06C43B7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{7C3BAD0B-CB6A-4460-8765-C95413F3EFA1}] => (Allow) C:\Program Files (x86)\Apowersoft\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{512607F3-4F69-4036-AD59-609364CBE787}] => (Allow) C:\Program Files (x86)\Apowersoft\Windows Shutdown Assistant\Windows Shutdown Assistant.exe
FirewallRules: [{42C51F26-1DD0-4A50-891C-2F284F4F8800}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{82A74830-E1B4-4B45-93D3-A3E31D718A24}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7DA00A23-AE83-4A33-BF38-76C9CDB3A6E4}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1947D693-DE60-4568-B881-99153BD0B863}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [TCP Query User{425B7710-A1EE-4E89-86E2-3817D8B56335}C:\riot games\league of legends\game\league of legends.exe] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{C176A036-F996-4495-9541-021E2B192037}C:\riot games\league of legends\game\league of legends.exe] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3504A77F-3D3B-464A-8284-234805E3034A}] => (Allow) C:\Users\Obchod\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{407D9EE5-CC18-4EF5-B2FE-E9B2B5DEA153}] => (Allow) C:\Users\Obchod\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0F5A29BD-59DC-41C3-B3C3-0FE313286664}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EC795C66-BAC6-4D8F-82AC-A540D8DD0642}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{96A9D568-338D-4821-9C87-3AFD07625FEF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6BA35978-EE75-4900-BB34-02EB1C084186}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{12323684-0AFD-4D53-AAE3-60A21036ADEF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3192152C-55E7-4066-9527-66C48193679D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1FCE332B-5164-47D1-8181-AEB4C71EF624}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1466F47-D270-4288-9D1F-32CDF222DBE0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{32BA1096-7269-4A8F-A9F9-13BFA2D5208F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{078AC9CC-1EE3-4DE3-898A-EE5EC8864E80}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{075BE337-FCD1-4363-899D-70B5EE38C9D7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DC0CFCF8-7586-4EBC-866D-A7BEB327496B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CFAD452-BC51-4E02-A4D3-AC1793976282}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
09-12-2021 20:19:38 Operace obnovení
10-12-2021 13:56:36 Removed DisplayLink Graphics
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/10/2021 03:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000554a50
ID chybujícího procesu: 0x3858
Čas spuštění chybující aplikace: 0x01d7edd6951ae42a
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 645e48ea-b2b2-4256-862c-f0adcb753767
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041362
ID chybujícího procesu: 0x3b30
Čas spuštění chybující aplikace: 0x01d7edd6921a5572
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: 241ae0da-e0b7-4b8e-9586-8a6cdee5b4f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001b18c0
ID chybujícího procesu: 0xf10
Čas spuštění chybující aplikace: 0x01d7edd68f1bf1bb
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f2dc8a95-cea9-4648-a0cd-d3a6cb773204
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041362
ID chybujícího procesu: 0x1554
Čas spuštění chybující aplikace: 0x01d7edd68c1e1cc2
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: 8caa03c2-12fb-422e-8abb-ece204fd7122
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004136a
ID chybujícího procesu: 0x3e74
Čas spuštění chybující aplikace: 0x01d7edd6891e9cf7
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: 256fd1f4-7aaa-4606-a56f-c8b054171061
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041362
ID chybujícího procesu: 0x4104
Čas spuštění chybující aplikace: 0x01d7edd6861c6233
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: 2f708c24-923c-45dc-a857-2095bf56c6c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041362
ID chybujícího procesu: 0x1180
Čas spuštění chybující aplikace: 0x01d7edd6831a1565
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: b912bb0c-3df8-4cab-adc6-d72e4f4734f7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/10/2021 03:59:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Název chybujícího modulu: SynTPEnh.exe, verze: 19.5.17.18, časové razítko: 0x60c8d547
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041362
ID chybujícího procesu: 0x3a88
Čas spuštění chybující aplikace: 0x01d7edd680168e58
Cesta k chybující aplikaci: C:\WINDOWS\System32\SynTPEnh.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SynTPEnh.exe
ID zprávy: 8e2b556c-1054-4e34-be69-8556424c1579
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/10/2021 03:59:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Služba inteligentního přenosu na pozadí skončila s následující chybou specifickou pro službu:
%%2388525606
Error: (12/10/2021 03:59:33 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2388525606.
Error: (12/10/2021 03:59:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O0AU14G)
Description: Server {4991D34B-80A1-4291-83B6-3328366B9097} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/10/2021 03:57:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Služba inteligentního přenosu na pozadí skončila s následující chybou specifickou pro službu:
%%2388525606
Error: (12/10/2021 03:57:33 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2388525606.
Error: (12/10/2021 03:57:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {4991D34B-80A1-4291-83B6-3328366B9097} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/10/2021 03:55:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Služba inteligentního přenosu na pozadí skončila s následující chybou specifickou pro službu:
%%2388525606
Error: (12/10/2021 03:55:33 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2388525606.
Windows Defender:
================
Date: 2021-05-05 02:28:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C49A175E-6114-43DE-954C-B2421A740F2B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-12-10 13:53:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2021-12-10 00:41:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.615.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-12-10 00:34:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.615.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-12-10 00:34:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.615.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-12-10 00:06:59
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.615.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2021-12-10 13:53:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-10 13:53:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.9.0 01/17/2019
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 78%
Total physical RAM: 3962.03 MB
Available physical RAM: 867.25 MB
Total Virtual: 8570.03 MB
Available Virtual: 3878.13 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:916.55 GB) (Free:613.07 GB) NTFS
\\?\Volume{ed959be6-4a76-4e98-8c97-42342814bc2b}\ () (Fixed) (Total:0.79 GB) (Free:0.24 GB) NTFS
\\?\Volume{0872bf90-8913-4f0a-84d8-cca94e1ebf4c}\ (Image) (Fixed) (Total:12.39 GB) (Free:0.15 GB) NTFS
\\?\Volume{7494f910-2003-4499-b5fa-4c0bb5c98b21}\ (DELLSUPPORT) (Fixed) (Total:1.17 GB) (Free:0.53 GB) NTFS
\\?\Volume{ff707426-5713-492a-8cc2-4fc6f7b0d0f9}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FFC59383)
Partition: GPT.
==================== End of Addition.txt =======================
po restartu na fixlog jsem zapl i prohlížeč a byl do 2 minut což bývalo i 10-15x tolik času než vůbec něco vyskočilo a já už měl domněnku že to bylo právě tím Synthenh.exe který jsem i otestoval na virustotal a v pořádku....tak myslím pokud je to vše tak budu ještě sledovat PC jestli se nic nepřihodi a snad nějakou dobu vydrží, tak kdyby jsme se už neviděli tak přeji hezké svátky a at fórum dál pokračuje a pomáhá 