Occasional Avast antivirus alert - threat detected

#1 Post by Hrabatko »

Hello,
lately, when I open various websites, Avast warns me: "Threat detected" - We have safely aborted the connection to the website thale-gds.com, where we detected the threat URL: Scam. Naturally, I suspect some kind of infection.
I would therefore like to ask for a check of the log and for help.
Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2023
Ran by Doma (administrator) on DESKTOP-ALHCOVU (Micro-Star International Co., Ltd. MS-7C80) (21-08-2023 21:38:41)
Running from C:\Users\Doma\Downloads\FRST64.exe
Loaded Profiles: Doma
Platform: Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe ->) (A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.21.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <7>
(C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
(C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe ->) (Synology Inc. -> Synology Inc.) C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
(cmd.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPasswordsExtensionHelper.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(explorer.exe ->) () [File not signed] C:\Program Files\Keyboard Chatter Blocker\KeyboardChatterBlocker.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Figma, Inc. -> ) C:\Users\Doma\AppData\Local\FigmaAgent\figma_agent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_5b6e4554b945d508\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21538.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3266_none_7e25389a7c7bcadb\TiWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Synology Inc. -> Synology Inc.) C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [256408 2023-08-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [196096 2021-01-19] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-08-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-07-27] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Run: [Figma Agent] => C:\Users\Doma\AppData\Local\FigmaAgent\figma_agent.exe [6722104 2023-06-19] (Figma, Inc. -> )
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Doma\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-05-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Run: [MicrosoftEdgeAutoLaunch_294130C2C2FAFCF0D401F41550643655] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\MountPoints2: {383aecd3-7436-11eb-8fd4-2cf05d76e73b} - "G:\setup.exe"
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [221696 2021-03-13] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.173\Installer\chrmstp.exe [2023-08-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-04-29]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
Startup: C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeyboardChatterBlocker.lnk [2023-03-28]
ShortcutTarget: KeyboardChatterBlocker.lnk -> C:\Program Files\Keyboard Chatter Blocker\KeyboardChatterBlocker.exe () [File not signed]
Startup: C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2022-05-01]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Drive Client.lnk [2023-08-21]
ShortcutTarget: Synology Drive Client.lnk -> C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe (Synology Inc. -> Synology Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7918458F-28C7-40D1-84FB-B18B2BB45584} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {3DA9AAF7-04C7-44E6-9BBC-860D0A4A1302} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4944792 2023-08-07] (Avast Software s.r.o. -> AVAST Software)
Task: {E1ED8B54-9E15-4641-8BC3-C1B03A5883F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-03] (Avast Software s.r.o. -> Avast Software)
Task: {87506760-83DC-4C1E-AF3E-508C0649C661} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6AEBF028-6454-46F9-8373-D509501815A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BFA9EE3B-FBE5-4F72-9B0D-4474715AF4CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-21] (Google LLC -> Google LLC)
Task: {28DB1470-B5B3-42F0-8123-096B1868280F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-21] (Google LLC -> Google LLC)
Task: {C8030817-6352-4F17-998B-226C343BDC9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {602EC2F1-9534-445A-8CED-00FEBF819FD5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2FFC9B7-F997-41FA-BF7A-AD5DBC8A3BAC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA639C5F-6051-4E32-A2D0-5668EA4FA4A7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {635C16D2-FFB2-469F-A4FF-C15C1E9D97AA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {03913462-1326-4F46-A075-CDDE78C48BE5} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4394688 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E838F2F4-CA5B-4080-8D1D-FCF6F4054CA0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1193168 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F329D95-40BE-4292-ADE7-68C86C1C188B} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {2F329D95-40BE-4292-ADE7-68C86C1C188B} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {2F329D95-40BE-4292-ADE7-68C86C1C188B} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {DD09F622-7086-4936-BDED-E5AF1DA37E6D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2060866435-3550678212-885603182-1001 => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4189064 2022-11-14] () [File not signed]
Task: {ECC33C06-B9EF-4A32-93E8-7AF8A5780280} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2060866435-3550678212-885603182-1001 => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4189064 2022-11-14] () [File not signed]
Task: {E38D8757-7B89-4D4F-8F5C-D373478041FB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2060866435-3550678212-885603182-500 => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4189064 2022-11-14] () [File not signed]
Task: {C25D56CF-5306-4AB8-9C3F-6E5312C9EAC3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.0.150 hrabatko.synology.me #Můj NAS
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 8.8.8.8
Tcpip\..\Interfaces\{05386d9a-594c-454c-be26-552137519da8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{05386d9a-594c-454c-be26-552137519da8}: [DhcpNameServer] 192.168.88.1 8.8.8.8
Tcpip\..\Interfaces\{ca768c9f-9468-42a7-9427-65819b1e8159}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Doma\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Doma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-16]

FireFox:
========
FF DefaultProfile: eynv4166.default
FF ProfilePath: C:\Users\Doma\AppData\Roaming\Zotero\Zotero\Profiles\eynv4166.default [2023-05-15]
FF Extension: (Zotero Citation Counts Manager) - C:\Users\Doma\AppData\Roaming\Zotero\Zotero\Profiles\eynv4166.default\Extensions\schnetter@gmail.com.xpi [2023-05-15] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default [2023-08-21]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2023-07-20]
CHR Extension: (Just Read) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2023-08-12]
CHR Extension: (Zotero Connector) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2023-07-12]
CHR Extension: (Záložky na iCloudu) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2023-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Screenshot) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafopchedjkbgkpbbnbgifaolempmdgh [2021-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-21]
CHR Extension: (Hesla na iCloudu) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2023-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8901016 2023-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [586136 2023-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [587160 2023-08-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-14] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [133080 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2023-08-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10677504 2023-07-27] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-21] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-05-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [360320 2022-12-16] (Synology Inc. -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [254656 2022-04-11] (Synology Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_5b6e4554b945d508\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_5b6e4554b945d508\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31416 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [237984 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392880 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39600 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [272568 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105240 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [946048 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [705376 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212632 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319512 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\Windows\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1090416 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 HWiNFO_160; C:\Windows\system32\drivers\HWiNFO64A_160.SYS [64536 2021-05-30] (Martin Malik - REALiX -> REALiX(tm))
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-26] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-26] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-26] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222672 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-08-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [199640 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-08-21] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 VClone; C:\Windows\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-21 21:38 - 2023-08-21 21:39 - 000034499 _____ C:\Users\Doma\Downloads\FRST.txt
2023-08-21 21:37 - 2023-08-21 21:38 - 000000000 ____D C:\FRST
2023-08-21 21:37 - 2023-08-21 21:37 - 002385408 _____ (Farbar) C:\Users\Doma\Downloads\FRST64.exe
2023-08-21 21:30 - 2023-08-21 21:30 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-08-21 21:29 - 2023-08-21 21:30 - 000000000 ____D C:\Users\Doma\AppData\Local\Malwarebytes
2023-08-21 21:29 - 2023-08-21 21:29 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-21 21:29 - 2023-08-21 21:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-21 21:29 - 2023-08-21 21:29 - 000000000 ____D C:\Users\Doma\AppData\Local\mbam
2023-08-21 21:29 - 2023-08-21 21:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-21 21:29 - 2023-08-21 21:29 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-12 08:00 - 2023-08-12 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-08-11 20:18 - 2023-08-11 20:18 - 000000000 ___HD C:\$WinREAgent
2023-08-11 07:05 - 2023-08-11 07:16 - 000027830 _____ C:\Users\Doma\Desktop\Tanita.xlsx
2023-08-09 20:39 - 2023-08-09 20:39 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2023-08-07 21:02 - 2023-08-07 21:02 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-07-27 12:45 - 2023-07-27 12:45 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2023-07-27 12:45 - 2023-07-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-07-25 20:40 - 2023-07-25 20:40 - 001955712 _____ C:\Users\Doma\Desktop\Technicak-Forza.pdf
2023-07-23 21:25 - 2023-07-23 21:25 - 000065371 _____ C:\Users\Doma\Downloads\posudek_vedouci (6).pdf
2023-07-23 19:38 - 2023-07-23 19:38 - 000001668 _____ C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VtM Bloodlines Unofficial Patch.lnk
2023-07-23 19:38 - 2023-07-23 19:38 - 000001638 _____ C:\Users\Doma\Desktop\VtM Bloodlines Unofficial Patch.lnk
2023-07-23 19:35 - 2023-07-23 19:35 - 000001662 _____ C:\Users\Public\Desktop\Vampire - The Masquerade - Bloodlines.lnk
2023-07-23 19:35 - 2023-07-23 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire - The Masquerade - Bloodlines [GOG.com]

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-21 21:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-21 21:23 - 2021-12-18 23:07 - 000000000 ____D C:\Windows\SystemTemp
2023-08-21 21:23 - 2021-02-21 01:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-21 21:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-21 20:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2023-08-21 20:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-21 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-08-21 20:41 - 2022-11-12 17:32 - 000000176 _____ C:\Users\Public\Documents\OSCFile.txt
2023-08-21 20:41 - 2021-10-14 21:39 - 000000000 ____D C:\Users\Doma\AppData\Roaming\Samsung Magician
2023-08-21 20:41 - 2021-08-13 07:59 - 000000000 ____D C:\Users\Doma\AppData\Local\SynologyDrive
2023-08-21 20:41 - 2021-02-21 17:45 - 000000000 ____D C:\Users\Doma\AppData\Roaming\Dropbox
2023-08-21 20:41 - 2021-02-21 17:44 - 000000000 ____D C:\Users\Doma\AppData\Local\Dropbox
2023-08-21 20:41 - 2021-02-21 17:37 - 000000000 ____D C:\Users\Doma\AppData\Roaming\LGHUB
2023-08-21 20:41 - 2021-02-21 17:37 - 000000000 ____D C:\Users\Doma\AppData\Local\LGHUB
2023-08-21 20:41 - 2021-02-21 17:01 - 000000000 ___RD C:\Users\Doma\iCloudDrive
2023-08-20 21:36 - 2022-06-19 12:23 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-20 21:36 - 2021-02-21 17:59 - 000000000 ____D C:\Users\Doma\AppData\Roaming\discord
2023-08-20 21:22 - 2021-02-21 17:59 - 000000000 ____D C:\Users\Doma\AppData\Local\Discord
2023-08-20 20:55 - 2020-11-19 00:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-08-20 20:46 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-20 20:30 - 2022-06-19 12:22 - 000000000 ____D C:\Users\Doma\AppData\Local\D3DSCache
2023-08-20 19:24 - 2021-02-21 01:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-20 19:24 - 2021-02-21 01:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-20 09:41 - 2021-02-21 17:59 - 000002222 _____ C:\Users\Doma\Desktop\Discord.lnk
2023-08-20 09:40 - 2021-02-21 01:05 - 001699640 _____ C:\Windows\system32\PerfStringBackup.INI
2023-08-20 09:40 - 2019-12-07 16:41 - 000719062 _____ C:\Windows\system32\perfh005.dat
2023-08-20 09:40 - 2019-12-07 16:41 - 000145762 _____ C:\Windows\system32\perfc005.dat
2023-08-20 09:40 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-08-20 09:35 - 2021-02-21 02:38 - 000000000 ____D C:\MSI
2023-08-20 09:34 - 2021-02-21 07:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-20 09:34 - 2020-11-19 01:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-08-20 09:34 - 2020-11-19 00:29 - 000540520 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-08-20 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2023-08-20 09:33 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-08-14 20:53 - 2021-02-21 02:25 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-12 17:55 - 2020-11-19 01:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-12 17:55 - 2020-11-19 01:32 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-12 10:49 - 2021-02-21 17:34 - 000000000 ____D C:\Program Files\JDownloader
2023-08-12 08:00 - 2021-02-21 17:44 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-08-11 20:21 - 2020-11-19 01:32 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-08-11 07:17 - 2021-02-21 12:19 - 000000000 ____D C:\Users\Doma\AppData\Roaming\Microsoft\Excel
2023-08-11 06:39 - 2021-02-21 01:36 - 000000000 ____D C:\Windows\system32\MRT
2023-08-11 06:37 - 2021-02-21 01:36 - 175983240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-08-11 06:36 - 2022-11-05 16:39 - 000000000 ____D C:\Program Files\dotnet
2023-08-11 06:36 - 2021-02-21 01:49 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-10 21:30 - 2021-02-21 15:48 - 000000000 ____D C:\Users\Doma\AppData\Local\CrashDumps
2023-08-10 19:34 - 2022-10-25 20:16 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-10 19:34 - 2022-10-25 20:16 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-10 19:34 - 2021-02-21 01:42 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-08-07 21:02 - 2021-02-21 01:38 - 000946048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000705376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000392880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000319512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000297880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000272568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000237984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000105240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000039600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000031416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-08-07 21:02 - 2021-02-21 01:38 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-08-03 21:31 - 2021-02-21 01:07 - 000000000 ____D C:\Users\Doma
2023-08-03 21:00 - 2021-02-21 01:27 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-03 21:00 - 2021-02-21 01:27 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-27 12:45 - 2022-10-25 23:49 - 000000000 ____D C:\Program Files\LGHUB
2023-07-25 20:06 - 2023-04-29 18:20 - 000000000 ____D C:\Users\Doma\dell display manager
2023-07-23 21:22 - 2021-03-23 19:45 - 000000000 ____D C:\Users\Doma\AppData\Local\Deployment
2023-07-23 19:31 - 2021-04-01 17:32 - 000000000 ____D C:\GOG Games
2023-07-23 19:24 - 2021-02-21 01:37 - 000000000 ____D C:\ProgramData\Avast Software

==================== Files in the root of some directories ========

2022-08-25 22:28 - 2023-04-13 20:00 - 000012288 _____ () C:\Users\Doma\AppData\Roaming\emp.bin
2023-02-13 22:58 - 2023-02-13 22:58 - 000000027 _____ () C:\Users\Doma\AppData\Local\.sdpl-system-config4
2021-12-11 09:57 - 2021-12-11 11:05 - 000000128 _____ () C:\Users\Doma\AppData\Local\PUTTY.RND
2023-02-13 22:24 - 2023-02-13 22:24 - 000000783 _____ () C:\Users\Doma\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2023
Ran by Doma (21-08-2023 21:39:29)
Running from C:\Users\Doma\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) (2021-02-21 06:00:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2060866435-3550678212-885603182-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2060866435-3550678212-885603182-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2060866435-3550678212-885603182-1000 - Limited - Disabled)
Doma (S-1-5-21-2060866435-3550678212-885603182-1001 - Administrator - Enabled) => C:\Users\Doma
Guest (S-1-5-21-2060866435-3550678212-885603182-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2060866435-3550678212-885603182-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20269 - Adobe)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.9.1 - Angry IP Scanner)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.7.6074 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Bullzip PDF Printer 12.2.0.2905 (HKLM\...\Bullzip PDF Printer_is1) (Version: 12.2.0.2905 - Bullzip)
calibre (HKLM-x32\...\{F5F5786F-7B03-43D9-9971-E7E267798F60}) (Version: 5.37.0 - Kovid Goyal)
Citace PRO (HKLM\...\{0B14E4DC-1899-48B7-9B86-EC896C677F2F}) (Version: 4.0.5 - Citace.com)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3235023Change_4177747 - GOG.com)
Dell Display Manager 2.1 (HKLM\...\Dell Display Manager 2) (Version: 2.1.1.17 - Dell Inc.)
Discord (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Digital Live Pack version 4.02.00 (HKLM-x32\...\DDLMaster_is1) (Version: 4.02.00 - Creative Technology Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 180.4.4912 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
DTS Connect Pack version 2.02.00 (HKLM-x32\...\DTSMaster_is1) (Version: 2.02.00 - Creative Technology Ltd.)
Dying Light 2 (HKLM-x32\...\Dying Light 2_is1) (Version: - )
Dynamic Application Loader Host Interface Service (HKLM\...\{F2043484-B5E9-4B26-980D-DE1FF2C0ADB2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Enterprise Architect (HKLM-x32\...\{A95E7B53-1E27-42B2-8634-4FC72FDAC627}) (Version: 15.2.1560.26 - Sparx Systems)
Figma (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Figma) (Version: 107.1.0 - Figma, Inc.)
Figma Agent (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\FigmaAgent) (Version: 116.10.8 - Figma, Inc.)
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.173 - Google LLC)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.03 - Creative Technology Limited)
iCloud Outlook (HKLM\...\{BC06C9EA-78BE-4B52-BA89-E6FAAFBF3CB0}) (Version: 12.2.0.10 - Apple Inc.)
Inkscape (HKLM\...\{B57F4693-8866-4053-B706-901E03F3301B}) (Version: 1.2.2 - Inkscape)
Intel(R) Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{0D02A7FB-EC9A-4D20-A726-035A0711F3FD}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{362F5255-4CDA-4CA3-9C18-0D368A3EDC63}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{74F339CC-3350-4BD0-A65E-CD38EA5656E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0A30716C-97BB-474F-BDA7-53194D378F39}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2135.15.0.2431 - Intel Corporation)
Intel(R) Management Engine Driver (HKLM\...\{C9E6B0FE-E3E4-47FA-B4FA-7FFD7EF7498F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl)
Keyboard Chatter Blocker (HKLM\...\{C8464FC9-FB29-4C22-8A0F-77AB56F30D59}) (Version: 1.0.6 - Alex "mcmonkey" Goodwin)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance - HD Sound Pack (HKLM-x32\...\1929089326_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance - HD Texture Pack (HKLM-x32\...\1597510471_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance - HD Voice Pack - English (HKLM-x32\...\2020258726_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504u - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504u - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.6.430723 - Logitech)
Malwarebytes version 4.6.0.277 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.0.277 - Malwarebytes)
Microsoft .NET Framework 4.6.2 Developer Pack (HKLM-x32\...\{ed7373e5-d579-4663-83e1-28d41ada77fe}) (Version: 4.6.1590 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{5F01B3C4-9BEC-465D-9C68-BB97D381FFAD}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (ENU) (HKLM-x32\...\{C80951BD-6904-474F-BBC5-03A6C777F37C}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{A18D4C2A-07A8-40E4-9797-DD324E6EA4FC}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.21 (x64) (HKLM\...\{26FF35F7-ADBB-4C9F-97DA-79120DB80EC6}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\OneDriveSetup.exe) (Version: 22.217.1016.0002 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2021Retail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.62.3 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0619.01 - MSI)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.9.1 - Notepad++ Team)
NVIDIA Ovladače grafiky 536.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Observation (HKLM-x32\...\Observation_is1) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 7.58.0 - LG Electronics Inc)
Open Capture and Analytics Tool (OCAT) (HKLM-x32\...\{73e38705-fc2e-475a-bbfe-aabf714cb51d}) (Version: 1.6.2.54778 - Advanced Micro Devices, Inc.)
Open Capture and Analytics Tool (OCAT) 1.6.2.54778 (HKLM\...\{9B9DF89B-69CD-4779-BA9B-B646DE612B07}) (Version: 1.6.2.54778 - Advanced Micro Devices, Inc.) Hidden
Oxygen XML Editor 23.1 (64-bit) (HKLM\...\8531-1278-6363-8538) (Version: 23.1 - SyncRO Soft)
PDF ePub DRM Removal 4.20.1002.368 version 4.20.1002.368 (HKLM-x32\...\{B17EB9DB-FEFD-4943-94E5-5428B3A53467}_is1) (Version: 4.20.1002.368 - eBook Converter Team)
PDFsam Basic (HKLM\...\{8BD7882E-AF21-4327-9A48-333CAD22D3A1}) (Version: 4.3.0.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PhpStorm 2021.2.3 (HKLM-x32\...\PhpStorm 2021.2.3) (Version: 212.5457.49 - JetBrains s.r.o.)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
psqlODBC_x64 (HKLM\...\{3E42F836-9204-4C42-B3C3-8680A0434875}) (Version: 09.01.0100 - PostgreSQL Global Development Group)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.10.0720.2022 - Realtek)
RivaTuner Statistics Server 7.3.2 (HKLM-x32\...\RTSS) (Version: 7.3.2 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.3.0.1100 - Samsung Electronics)
SAS 9.4 (HKLM-x32\...\{adfa23ed-d64f-40f3-bd52-8c4a9a1ff982}) (Version: 9.4 - SAS)
SAS Enterprise Guide 7.1 (64-bit) (HKLM\...\{11E08E92-2465-40E5-B248-2B20AD274CE4}) (Version: 7.100.1966 - SAS Institute Inc.) Hidden
Sejda PDF Desktop (HKLM\...\{E5014A92-5CB1-4C77-87FB-C7795FD45F96}) (Version: 7.5.4 - Sejda BV)
Sound Blaster Command version 3.4.98.00 (HKLM-x32\...\Sound Blaster Command_is1) (Version: 3.4.98.00 - Creative Technology Ltd.)
Sound Blaster ZxR Driver (HKLM-x32\...\SBZZxR_is1) (Version: 1.0.00.02 - Creative Technology Ltd.)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 7.0.3-50049 - Synology)
Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 7.2.1.13271 - Synology, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
The Last of Us Part I (HKLM-x32\...\The Last of Us Part I_is1) (Version: - )
The Walking Dead The Telltale Definitive Series (HKLM-x32\...\The Walking Dead The Telltale Definitive Series_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Tyranny - Bastard's Wound (HKLM-x32\...\1456329658_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny - Coat of Arms (HKLM-x32\...\1104171850_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny - Portrait Pack (HKLM-x32\...\1488990546_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny - Pre-Order (HKLM-x32\...\1128126797_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny - Tales from the Tiers (HKLM-x32\...\1651767755_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny (HKLM-x32\...\1266051739_is1) (Version: 1.2.1.0160v2 - GOG.com)
Tyranny (HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\Tyranny) (Version: - )
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\1207659240_is1) (Version: 1.2 (UP 11.1/11.0/10.2) - GOG.com)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zotero (HKLM-x32\...\Zotero 5.0.96 (x86 en-US)) (Version: 5.0.96 - Corporation for Digital Scholarship)

Packages:
=========
@{AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa?ms-resource://AppleInc.iCloud/resources/iCloudAppDisplayName} -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa [2022-05-21] ()
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-07-25] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-15] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-22] (Microsoft Corporation) [MS Ad]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.21.0_x64__kzh8wxbdkxb8p [2023-07-08] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-08] (NVIDIA Corp.)
Photo Scan -> C:\Program Files\WindowsApps\5913DefineStudio.PhotoScan_4.0.5.0_x64__jj4r3mnwe2ey2 [2023-06-14] (Define Studio) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8040.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0 [2023-08-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll (Synology Inc. -> )
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{490de27b-dd04-5ec7-d0dd-147e169f19d3}\localserver32 -> "C:\Program Files\Dell\Dell Display Manager 2.0\DDM.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{a18c2235-f97e-71dd-b398-1f96bc9af93c}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> "C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{B10C1C18-E96B-4553-9F27-E8975A60105E} -> [iCloud Drive] => C:\Users\Doma\iCloudDrive [2021-02-21 17:01]
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (Synology Inc. -> TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Doma\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\Dropbox [2020-02-13 21:24]
CustomCLSID: HKU\S-1-5-21-2060866435-3550678212-885603182-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-01-21] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-01-21] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-01-21] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-01-21] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2023-01-21] (Synology Inc. -> TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-08-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-11-13] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_5b6e4554b945d508\nvshext.dll [2023-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-08-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-08-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2060866435-3550678212-885603182-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ContextMenuHandlers1_S-1-5-21-2060866435-3550678212-885603182-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2023-01-21] (Synology Inc. -> )
ContextMenuHandlers4_S-1-5-21-2060866435-3550678212-885603182-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ContextMenuHandlers5_S-1-5-21-2060866435-3550678212-885603182-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ContextMenuHandlers6_S-1-5-21-2060866435-3550678212-885603182-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Doma\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2023-01-21] (Synology Inc. -> )

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-03-29 20:19 - 2023-03-10 16:18 - 002521600 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2023-03-29 20:19 - 2023-03-10 16:18 - 000375808 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2023-03-29 20:19 - 2023-03-10 16:18 - 006533120 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2023-03-29 20:19 - 2023-03-10 16:17 - 000097280 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2023-03-29 20:19 - 2023-03-10 16:17 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2023-03-29 20:19 - 2023-03-10 16:17 - 000589824 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2021-10-14 21:39 - 2023-03-10 16:18 - 004426752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2023-07-27 12:45 - 2023-07-27 12:44 - 000164864 _____ () [File not signed] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2022-05-01 14:26 - 2021-03-13 22:28 - 000221696 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2021-02-21 02:19 - 2020-08-24 08:52 - 000158208 _____ (Creative Lab Pte Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\ClplLEDController.dll
2021-02-21 02:19 - 2020-10-26 02:54 - 000565248 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTAudEp.dll
2021-02-21 02:19 - 2020-07-21 09:49 - 002087424 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTCDC.dll
2021-02-21 02:19 - 2020-08-24 08:52 - 001830912 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTDrvLedMgr.dll
2021-02-21 02:19 - 2020-12-23 03:18 - 000124416 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHID.dll
2021-02-21 02:19 - 2020-12-23 03:18 - 000587776 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHIDRpA.dll
2021-02-21 02:19 - 2018-10-23 02:25 - 000098304 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTIntrfu.dll
2021-02-21 02:19 - 2020-10-26 02:54 - 001878528 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\MalLgcy.dll
2021-02-21 02:19 - 2021-01-12 04:28 - 000141312 _____ (Creative Technology Ltd.) [File not signed] [File is in use] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\Creative.Platform.PropStore.dll
2022-07-15 20:00 - 2022-07-15 20:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-02-21 02:27 - 2021-02-21 02:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-02-21 02:27 - 2021-02-21 02:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Doma\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\sharepoint.com -> hxxps://adastrabiz-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\synology.me -> hxxps://hrabatko.synology.me

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2021-02-21 13:33 - 000000871 _____ C:\Windows\system32\drivers\etc\hosts
192.168.0.150 hrabatko.synology.me #Můj NAS

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\SASHome\Secure\ccme4;C:\Program Files\SASHome\x86\Secure\ccme4;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\StartupApproved\StartupFolder: => "DDM2.0.lnk"
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F551AE4A-44AF-4093-930E-25902019C263}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5BCF832B-9974-4B6D-83DE-558AD57FB572}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{102A8148-2D0A-474B-81F1-FFEE6F4837DB}] => (Allow) LPort=32682
FirewallRules: [TCP Query User{9C960DF2-F50D-4E27-8418-F1FC09AFDAFB}C:\users\doma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\doma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{49465726-6CFF-45CA-90F9-29EB883DC611}C:\users\doma\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\doma\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{12FAAE03-B996-458D-9ACD-BEFE35AE6490}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{3ADA3931-26D8-4541-89AF-F1EE1A352E37}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{140D557E-7B39-445B-AE25-E8FB725A1FF2}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{6E2DEC3F-BB07-48B1-B162-FAD63BBFC1FC}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{AECFAB82-2E23-4F13-B4A5-05218E2445BD}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe => No File
FirewallRules: [UDP Query User{E779E8CF-CAFD-40E3-92DA-6A2D334DC5BB}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe => No File
FirewallRules: [TCP Query User{A0486E0B-FE7F-497C-98AE-A6A312608326}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{EEDCA784-9841-4C62-A5C7-C31239E4DA2B}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{40E8EA62-AFAC-4FC9-BE15-FADF160E7F9C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A36DA616-2866-4103-ABED-5BF192550BC8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{365B374C-A02C-4A30-9F1E-B7F031E6C0DD}C:\program files\windowsapps\appleinc.itunes_12122.2.54019.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12122.2.54019.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [UDP Query User{7889948F-BAA9-4EE3-A607-65FFCC97276D}C:\program files\windowsapps\appleinc.itunes_12122.2.54019.0_x64__nzyj5cx40ttqa\itunes.exe] => (Allow) C:\program files\windowsapps\appleinc.itunes_12122.2.54019.0_x64__nzyj5cx40ttqa\itunes.exe => No File
FirewallRules: [TCP Query User{B1B6481E-3BD2-4B6E-BA97-2FE6FA72C4A4}C:\users\doma\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\doma\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5000008C-4987-4907-B921-5A0D646D61C7}C:\users\doma\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\doma\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{12662EE9-D0E7-40B4-B6C5-727D69FC9C59}C:\program files\jetbrains\phpstorm 2021.2.3\bin\phpstorm64.exe] => (Block) C:\program files\jetbrains\phpstorm 2021.2.3\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{5CCA9E1C-5725-48EE-97DA-7581F0695922}C:\program files\jetbrains\phpstorm 2021.2.3\bin\phpstorm64.exe] => (Block) C:\program files\jetbrains\phpstorm 2021.2.3\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{1533946C-8C5F-4515-877E-95E8D5E25A14}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A3978203-9488-4FF0-8C3D-3565A832DFB0}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{C796299D-F672-4DD1-9735-86A3902EE853}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{3E7C2B5C-BEC0-4E91-95AF-21962B9025CA}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File
FirewallRules: [TCP Query User{B885DBDE-D085-4256-937D-384A1E20F1A5}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{22D2B368-2AD2-4646-85FA-B1E674E2309D}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{17FA945C-D784-435E-B338-BCE7CF29821F}C:\program files (x86)\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) C:\program files (x86)\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland) [File not signed]
FirewallRules: [UDP Query User{99264A50-B2E2-4AB8-9D4F-0D2E37F82DCB}C:\program files (x86)\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Block) C:\program files (x86)\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland) [File not signed]
FirewallRules: [TCP Query User{1B5C4685-864F-4B25-A345-B8B7B1FEE9EA}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [UDP Query User{07333108-90A3-4E0E-97A2-E30B6E1A3356}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [TCP Query User{D4262D7A-DEAF-45C7-823F-E4E82A43621C}D:\winbox64.exe] => (Allow) D:\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{D0505DF8-369A-42D9-872E-45F2A504EB42}D:\winbox64.exe] => (Allow) D:\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{D4EFC188-9025-4CBB-A8F2-13E724FAF5F7}C:\users\doma\downloads\winbox.exe] => (Allow) C:\users\doma\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{DAC12DC6-89EC-4235-80BC-A091CBBC7CDE}C:\users\doma\downloads\winbox.exe] => (Allow) C:\users\doma\downloads\winbox.exe (Mikrotikls SIA -> )
FirewallRules: [{67987431-E8F4-438C-9F2B-771875F92AA8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7284E855-E786-46EB-8BD2-28E16676998D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9BD8C768-65BE-42F0-AA31-76442E06B857}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F2F36B6-5382-4357-8AA5-BCA2E68F4318}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BBF79FE3-07CB-46BD-A018-F517B4ADEE2A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B5E231E4-9986-40C7-B9AF-32F140550EEF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B6922556-5C25-4A1A-A4AE-D9280EE293C0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{76F1FAE4-81EC-4599-AE7B-05680E6AB93B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8AF91BE3-1201-4EB7-98D9-C3C2AEC9CA8B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A904C2E9-C560-4F99-AAB0-33957A6D9444}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{06658996-EAFF-4860-8F2C-8BB642D348AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A5CF2ECA-0CAA-4656-A98D-332696318771}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5FB97862-6A05-44DE-A030-F8B6022FE0E4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{365D4B59-C729-48CD-A85E-1072E93145C3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4464279B-BCF4-4A62-9769-97881BF2CD51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F84F0E93-6EAF-4D36-B3BA-86B46EA8426A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5957CFFB-2477-407B-80EF-3203CE9A2E9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{207A6597-51FF-401A-9A3D-46E7AA69F70B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC8F680E-37CF-4E0B-B536-D9591E978BC5}] => (Allow) LPort=32683
FirewallRules: [{070297FB-E5A1-4E17-86C7-04B625AAFC11}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60EF3B0E-B09B-4D8F-A75C-6B9A8604E090}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{75817E37-20C8-4D9C-BE60-02D61114A7CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{907EF94C-0494-41BA-9B39-1D1F87A2488D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD199E86-87F4-47B2-8BA0-6758209586A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C7FAA9F1-B072-4A08-B567-E273C7D0F59F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B2DAFCB4-06D2-4C41-87B4-7307B983BB96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EF096A8D-71F5-48CE-BC6A-933038245C8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A14946C0-F2FC-499A-BF5C-29021BCB2671}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BD6D38D2-39D5-48BA-8E7F-FD3F66384E8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F8FD0330-EACF-4930-88AD-06415318673F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{524FA07D-1FDC-4E65-8A5A-64CB8CBEFC36}] => (Allow) LPort=26822

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\Temp byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\Tasks byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\sru byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\networklist byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\Msdtc byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\Configuration byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\config byl odepřen.

Error: (08/21/2023 09:35:44 PM) (Source: SAS Disk Cleanup Handler) (EventID: 0) (User: )
Description: ERROR: Přístup k cestě C:\Windows\SysWOW64\Com\dmp byl odepřen.


System errors:
=============
Error: (08/20/2023 09:36:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ALHCOVU)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/20/2023 08:29:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.

Error: (08/20/2023 09:33:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ClickToRunSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2023 09:33:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LGHUBUpdaterService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2023 09:33:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MSI_Case_Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2023 09:33:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MSI_VoiceControl_Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2023 09:33:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LMS neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/20/2023 09:33:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SamsungMagicianSVC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================Event[0]:

Date: 2022-07-02 08:29:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1467.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-08-21 21:30:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.C0 06/11/2022
Motherboard: Micro-Star International Co., Ltd. MAG Z490 TOMAHAWK (MS-7C80)
Processor: Intel(R) Core(TM) i7-10700KF CPU @ 3.80GHz
Percentage of memory in use: 28%
Total physical RAM: 32704 MB
Available physical RAM: 23492.18 MB
Total Virtual: 37568 MB
Available Virtual: 26129.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:458.75 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1600.22 GB) (Model: CT2000MX500SSD1) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:465.07 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS
Drive f: () (Fixed) (Total:1862.89 GB) (Free:916 GB) (Model: ST2000DM001-1ER164) NTFS

\\?\Volume{c2620cec-040b-4273-9ff8-b22d183de2bc}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{9d3d336d-dc5b-4e83-ac46-21a989b310bb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 79597F65)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7CC980F3)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Occasional Avast antivirus alert - threat detected

#2 Post by JaRon »

Hi,
clean the PC with AdwCleaner and post the log here.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Hrabatko
Visitor
Posts: 17
Joined: 20 Feb 2016 10:07

Re: Occasional Avast antivirus alert - threat detected

#3 Post by Hrabatko »

Hi, I already ran the cleanup yesterday. I am attaching the log (hopefully the right one).
Thank you.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/21/23
Scan Time: 9:30 PM
Log File: 318226ce-4059-11ee-a1d7-2cf05d76e73b.json

-Software Information-
Version: 4.6.0.277
Components Version: 1.0.2114
Update Package Version: 1.0.74273
License: Trial

-System Information-
OS: Windows 10 (Build 19045.3324)
CPU: x64
File System: NTFS
User: DESKTOP-ALHCOVU\Doma

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 272948
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 7 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Occasional Avast antivirus alert - threat detected

#4 Post by JaRon »

quote:
Creating a fixlist for FRST
• Open Notepad (Start - Run - notepad)
• Copy the script >>

Code:

Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\MountPoints2: {383aecd3-7436-11eb-8fd4-2cf05d76e73b} - "G:\setup.exe" 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
AlternateDataStreams: C:\Users\Doma\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
FirewallRules: [TCP Query User{1533946C-8C5F-4515-877E-95E8D5E25A14}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A3978203-9488-4FF0-8C3D-3565A832DFB0}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{C796299D-F672-4DD1-9735-86A3902EE853}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{3E7C2B5C-BEC0-4E91-95AF-21962B9025CA}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File



EmptyTemp:
Reboot:
End
• Save the created TXT file as fixlist.txt
• Move the created fixlist next to FRST

Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

Restart the PC and post fixlog.txt here

Hrabatko
Visitor
Posts: 17
Joined: 20 Feb 2016 10:07

Re: Occasional Avast antivirus alert - threat detected

#5 Post by Hrabatko »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-08-2023
Ran by Doma (23-08-2023 20:46:41) Run:1
Running from C:\Users\Doma\Downloads
Loaded Profiles: Doma
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\...\MountPoints2: {383aecd3-7436-11eb-8fd4-2cf05d76e73b} - "G:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Doma\AppData\Local\Microsoft\OneDrive\22.217.1016.0002\FileSyncShell64.dll -> No File
AlternateDataStreams: C:\Users\Doma\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
FirewallRules: [TCP Query User{1533946C-8C5F-4515-877E-95E8D5E25A14}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A3978203-9488-4FF0-8C3D-3565A832DFB0}C:\program files (x86)\need for speed - heat\needforspeedheat.exe] => (Block) C:\program files (x86)\need for speed - heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{C796299D-F672-4DD1-9735-86A3902EE853}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{3E7C2B5C-BEC0-4E91-95AF-21962B9025CA}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File



EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-2060866435-3550678212-885603182-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{383aecd3-7436-11eb-8fd4-2cf05d76e73b} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\EneTechIo => removed successfully
EneTechIo => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"C:\Users\Doma\Downloads\FRST64.exe" => ":MBAM.Zone.Identifier" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1533946C-8C5F-4515-877E-95E8D5E25A14}C:\program files (x86)\need for speed - heat\needforspeedheat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3978203-9488-4FF0-8C3D-3565A832DFB0}C:\program files (x86)\need for speed - heat\needforspeedheat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C796299D-F672-4DD1-9735-86A3902EE853}C:\program files (x86)\resident evil village\re8.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3E7C2B5C-BEC0-4E91-95AF-21962B9025CA}C:\program files (x86)\resident evil village\re8.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 149270153 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 394981548 B
Windows/system/drivers => 15570443 B
Edge => 0 B
Chrome => 408196732 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 22704338 B
LocalService => 23679822 B
NetworkService => 138435930 B
Doma => 2029743500 B

RecycleBin => 13925036 B
EmptyTemp: => 3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:56:29 ====

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Occasional Avast antivirus alert - threat detected

#6 Post by JaRon »

Cleaned
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Hrabatko
Visitor
Posts: 17
Joined: 20 Feb 2016 10:07

Re: Occasional Avast antivirus alert - threat detected

#7 Post by Hrabatko »

Unfortunately, if only. The problem unfortunately persists. Avast still occasionally reports the same problem :o

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Occasional Avast antivirus alert - threat detected

#8 Post by JaRon »

You can clean the browsers following the guide https://forum.viry.cz/viewtopic.php?p=1 ... k#p1551806
However, it is possible that the sites you visit are not entirely kosher from a security standpoint.

Hrabatko
Visitor
Posts: 17
Joined: 20 Feb 2016 10:07

Re: Occasional Avast antivirus alert - threat detected

#9 Post by Hrabatko »

The browser seems to be clean; it will be from visiting not entirely kosher sites. Thank you for the help, I have sent a donation.

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Occasional Avast antivirus alert - threat detected

#10 Post by JaRon »

You're welcome - thank you :)

Locked