Prosím o kontrolu PC

[pasik68]

Dobrý den,
prosím o kontrolu. Včera , po zapnutí Firefoxu detekoval a odstranil Windows Defender trojan (wallet transaction script). Dnes se stáhla divný soubor (onlyfans script ...), nešel odstranit, po restartu zmizel.
Přikládám logy.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2026
Ran by RSlos (administrator) on PC (ASUS System Product Name) (29-01-2026 18:23:33)
Running from D:\Downloads\FRST64.exe
Loaded Profiles: RSlos
Platform: Microsoft Windows 11 Home Version 25H2 26200.7623 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <7>
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Copilot_1.25121.81.0_x64__8wekyb3d8bbwe\Copilot.exe
(Gen Digital Inc. -> Gen Digital Inc.) D:\Programs\CCleaner\CCleaner64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Miroslav Topolar -> Mister Group) D:\Programs\System Explorer\SystemExplorer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\1.2.36\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.21\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe
(services.exe ->) (Miroslav Topolar -> Mister Group) D:\Programs\System Explorer\service\SystemExplorerService64.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) D:\Programs\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) D:\Programs\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.9.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.218.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [PDFPrint] => D:\Programs\PDF24\pdf24.exe [220704 2015-09-14] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "D:\Programs\System Explorer\SystemExplorer.exe" /TRAY (No File)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programs\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\Run: [MicrosoftEdgeAutoLaunch_C543EDFAD1B810FB9BE29157554F9BEC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4314152 2026-01-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41675224 2026-01-20] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Programs\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\Canon MG3200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB8.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3200 series: C:\Windows\system32\CNMLMB8.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2012-03-28] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2376960 2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\144.0.7559.96\Installer\chrmstp.exe [2026-01-22] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C670D910-5E42-4655-8169-29AD6CEAD247} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {AAA9EE30-77AC-472E-BDA9-251290FA16CB} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398688 2025-05-27] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {82333BC8-8D56-4EF6-B73A-525A63D6F5D0} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\TaskSchedulerTool_ArmourySocketServer.exe [120672 2025-05-27] (ASUSTeK COMPUTER INC. -> TODO: <公司名稱>)
Task: {21A65C2B-654D-41A9-BADC-39A64CEFD0FB} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db7c9a11e0d41 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2025-02-11] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {44CD6B0A-9337-40DC-B02B-1CA43259A3AC} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2025-02-11] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {4D9587C7-82CD-4183-A95E-EAA53177FBA5} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\TaskSchedulerTool_asus_framework.exe [120664 2025-06-27] (ASUSTeK COMPUTER INC. -> TODO: <公司名稱>)
Task: {FD1A7FDD-20EB-4CE6-8EF8-8E4D672CDE3A} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {7D62F6A6-C5CB-40D7-A854-E518A2F99465} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {D6D96883-88B8-4ABD-B22A-E9448A956CE5} - System32\Tasks\CCleaner Update => D:\Programs\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {BE40ED2A-DDD1-4CBC-9A5D-208DD8754CA7} - System32\Tasks\CCleanerCrashReporting => D:\Programs\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "D:\Programs\CCleaner\LOG" --programpath "D:\Programs\CCleaner" --guid "麠꧹Ȧ" --version "6.38.0.11537" --silent
Task: {3334486B-80AD-4875-BD8C-22F77C3293F6} - System32\Tasks\CCleanerSkipUAC - RSlos => D:\Programs\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {63A221C4-AB8E-49A7-8D68-93FFA2E09981} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem145.0.7569.0{5A0D38F1-4F7C-4551-A2AF-759D8576037A} => C:\Program Files (x86)\Google\GoogleUpdater\145.0.7569.0\updater.exe [7201944 2025-12-08] (Google LLC -> Google LLC)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {ADC46D81-834A-4E28-8450-A834593BBAE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18E34FC6-4116-4B4D-A724-DD03A8541938} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {784F8B14-0977-4789-9E6B-29A55EF6779C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53822D60-E903-4B22-B536-D9C97BD71AA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F63DF16-BE9B-4A46-B8B3-6313D0E17E98} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-12-24] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => D:\Programs\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1deed107-c13e-4c47-804f-49b082f7bac9}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: huh23oum.default
FF ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\huh23oum.default [2025-02-11]
FF ProfilePath: C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\2jvd560n.default-release [2026-01-29]
FF DownloadDir: D:\Downloads
FF Homepage: Mozilla\Firefox\Profiles\2jvd560n.default-release -> www.seznam.cz
FF Extension: (Google Translator for Firefox) - C:\Users\RSlos\AppData\Roaming\Mozilla\Firefox\Profiles\2jvd560n.default-release\Extensions\translator@zoli.bod.xpi [2025-02-12]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF- XChange Editor\npPDFXEditPlugin.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-01-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programs\PDF- XChange Editor\npPDFXEditPlugin.x86.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\RSlos\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-28]
Edge DownloadDir: D:\Downloads
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\RSlos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-24]
Edge Extension: (Edge relevant text changes) - C:\Users\RSlos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-02-11]
Edge DownloadDir: Default -> D:\Downloads

Chrome:
=======
CHR Profile: C:\Users\RSlos\AppData\Local\Google\Chrome\User Data\Default [2026-01-28]
CHR HomePage: Default -> hxxp://google/
CHR Extension: (Dokumenty Google offline) - C:\Users\RSlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-01-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\RSlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\Armoury Crate Service\ArmouryCrate.Service.exe [431144 2025-07-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.21\atkexComSvc.exe [939880 2024-10-22] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2025-02-11] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\1.2.36\AsusCertService.exe [485720 2025-04-17] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2025-02-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2025-02-11] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [840144 2026-01-29] (ASUSTeK COMPUTER INC. -> )
S3 CCleanerPerformanceOptimizerService; D:\Programs\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [5094240 2025-05-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2533992 2025-10-09] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ss_conn_service; D:\Programs\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; D:\Programs\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 SystemExplorerHelpService; D:\Programs\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [59936 2025-04-16] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [573440 2024-10-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [200704 2024-10-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-02-11] (Microsoft Corporation) [File not signed]
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2026-01-29] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2025-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3921048 2025-10-18] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [55416 2025-02-14] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_8e61b4ea25373168\rt25cx21x64.sys [887776 2024-10-21] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174264 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50896 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; D:\Programs\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21928 2025-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [635272 2025-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz159; \??\C:\Windows\temp\cpuz159\cpuz159_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-01-29 18:23 - 2026-01-29 18:23 - 000000000 ____D C:\FRST
2026-01-25 16:03 - 2026-01-25 16:03 - 004461194 _____ C:\Users\RSlos\Downloads\Video bez názvu_ Vytvořeno pomocí aplikace Clipchamp.m4a
2026-01-25 13:00 - 2026-01-25 20:22 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Paper Lily
2026-01-25 12:41 - 2026-01-25 12:41 - 000000223 _____ C:\Users\RSlos\Desktop\Project Kat - Paper Lily Prologue.url
2026-01-25 12:33 - 2026-01-25 12:33 - 000000223 _____ C:\Users\RSlos\Desktop\DUET.url
2026-01-25 12:31 - 2026-01-25 12:31 - 000000223 _____ C:\Users\RSlos\Desktop\A Date with Death.url
2026-01-25 12:29 - 2026-01-25 12:29 - 000000222 _____ C:\Users\RSlos\Desktop\Narcissu 1st & 2nd.url
2026-01-24 08:39 - 2026-01-29 16:59 - 000000000 ____D C:\Windows\CbsTemp
2026-01-04 14:07 - 2026-01-06 19:06 - 000000000 ____D C:\Users\RSlos\Documents\The Witcher 3
2026-01-04 14:00 - 2026-01-04 14:00 - 000000222 _____ C:\Users\RSlos\Desktop\Zaklínač 3 Divoký hon.url
2026-01-01 11:13 - 2026-01-01 11:13 - 000711764 _____ C:\Windows\system32\perfh005.dat
2026-01-01 11:13 - 2026-01-01 11:13 - 000152978 _____ C:\Windows\system32\perfc005.dat
2026-01-01 11:13 - 2026-01-01 11:13 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2026-01-01 11:13 - 2026-01-01 11:13 - 000000000 ____D C:\Program Files\Reference Assemblies
2026-01-01 11:13 - 2026-01-01 11:13 - 000000000 ____D C:\Program Files\MSBuild
2026-01-01 11:13 - 2026-01-01 11:13 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2026-01-01 11:13 - 2026-01-01 11:13 - 000000000 ____D C:\Program Files (x86)\MSBuild

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-01-29 18:23 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-01-29 18:20 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-01-29 18:16 - 2025-02-11 18:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-01-29 18:15 - 2025-02-11 23:37 - 000022630 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-01-29 18:15 - 2025-02-11 23:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-01-29 18:15 - 2025-02-11 23:30 - 000891752 _____ () C:\Windows\system32\wpbbin.exe
2026-01-29 18:15 - 2025-02-11 23:30 - 000840144 _____ C:\Windows\system32\AsusUpdateCheck.exe
2026-01-29 18:15 - 2025-02-11 23:30 - 000012288 ___SH C:\DumpStack.log.tmp
2026-01-29 18:15 - 2025-02-11 17:18 - 000003290 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2026-01-29 18:15 - 2025-02-11 17:18 - 000000574 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2026-01-29 18:15 - 2025-02-11 16:49 - 000000000 ____D C:\ProgramData\NVIDIA
2026-01-29 18:15 - 2025-02-11 16:47 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\asus_framework
2026-01-29 18:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-01-29 18:13 - 2024-04-01 08:21 - 000524288 _____ C:\Windows\system32\config\BBI
2026-01-29 14:59 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-01-28 20:09 - 2025-12-16 14:58 - 000000000 ____D C:\Users\RSlos\AppData\Local\CrashDumps
2026-01-28 20:09 - 2025-02-13 16:48 - 000000000 ____D C:\Program Files (x86)\Steam
2026-01-28 20:09 - 2025-02-11 18:42 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\MPC-HC
2026-01-28 16:16 - 2025-02-28 16:33 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Mp3tag
2026-01-27 16:31 - 2025-02-11 16:29 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1965252194-2230838174-2805914660-1001
2026-01-27 16:31 - 2025-02-11 16:28 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1965252194-2230838174-2805914660-1001
2026-01-27 16:31 - 2025-02-11 16:28 - 000003354 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1965252194-2230838174-2805914660-1001
2026-01-27 16:31 - 2025-02-11 16:28 - 000002389 _____ C:\Users\RSlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-01-26 18:09 - 2025-02-11 17:45 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Microsoft\Šablony
2026-01-26 15:19 - 2025-02-11 16:27 - 000000000 ____D C:\Users\RSlos\AppData\Local\D3DSCache
2026-01-25 18:21 - 2025-02-11 17:17 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\audacity
2026-01-25 12:41 - 2025-07-20 12:28 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-01-25 12:17 - 2025-02-13 16:49 - 000000000 ____D C:\Users\RSlos\AppData\Local\Steam
2026-01-25 08:20 - 2025-02-11 23:37 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-01-25 08:18 - 2025-02-11 23:37 - 000003714 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{47C805A1-A661-4E3D-8991-DB2D94A9806B}
2026-01-25 08:18 - 2025-02-11 23:37 - 000003588 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{B1DB4F68-5C90-4CF9-9BFE-4C0F717B7723}
2026-01-23 15:18 - 2025-02-12 16:30 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-01-22 15:40 - 2025-03-10 19:26 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-01-21 16:59 - 2025-02-11 17:45 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Microsoft\Word
2026-01-18 11:44 - 2025-02-11 17:18 - 000004200 _____ C:\Windows\system32\Tasks\CCleaner Update
2026-01-17 08:21 - 2025-02-11 16:27 - 000000000 ____D C:\Users\RSlos\AppData\Local\Packages
2026-01-14 19:08 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-01-14 19:07 - 2025-02-11 23:30 - 000419288 _____ C:\Windows\system32\FNTCACHE.DAT
2026-01-14 19:06 - 2025-02-11 23:38 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-01-14 19:06 - 2024-04-01 17:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-01-14 19:06 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-01-14 18:34 - 2024-10-05 01:08 - 001175072 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2026-01-14 18:34 - 2024-10-05 01:08 - 000780720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2026-01-14 17:27 - 2025-02-11 17:44 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Microsoft\Excel
2026-01-14 16:43 - 2025-02-11 16:19 - 003276800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-01-03 08:53 - 2025-03-05 16:33 - 000000000 ____D C:\ProgramData\CanonIJPLM
2026-01-01 11:13 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\MUI
2026-01-01 11:13 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\MUI
2025-12-30 17:37 - 2025-02-13 16:31 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\MyPhoneExplorer
2025-12-30 17:08 - 2025-02-11 18:50 - 000000000 ___HD C:\Users\Public\Documents\NativeFus_Log
2025-12-30 12:08 - 2025-02-12 16:21 - 000000000 ____D C:\Users\RSlos\AppData\Roaming\Microsoft\UProof
2025-12-30 11:01 - 2025-10-17 16:27 - 000000000 ____D C:\ProgramData\Whesvc

==================== Files in the root of some directories ========

2025-02-12 16:56 - 2025-05-19 15:06 - 000001014 _____ () C:\Users\RSlos\AppData\Roaming\PC.MTBF.txt
2025-02-12 17:44 - 2025-02-12 17:44 - 000003584 _____ () C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2026
Ran by RSlos (29-01-2026 18:24:31)
Running from D:\Downloads
Microsoft Windows 11 Home Version 25H2 26200.7623 (X64) (2025-02-11 15:18:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1965252194-2230838174-2805914660-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1965252194-2230838174-2805914660-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1965252194-2230838174-2805914660-1000 - Limited - Disabled)
Guest (S-1-5-21-1965252194-2230838174-2805914660-501 - Limited - Disabled)
RSlos (S-1-5-21-1965252194-2230838174-2805914660-1001 - Administrator - Enabled) => C:\Users\RSlos
WDAGUtilityAccount (S-1-5-21-1965252194-2230838174-2805914660-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 25.001.21111 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AniMeVisionFont_MB (HKLM\...\{93E38BA3-9745-4D67-91BC-F65F81523D0A}) (Version: 1.0.1 - ASUSTek Computer Inc.) Hidden
Armoury Crate Service (HKLM\...\Armoury Crate Service) (Version: 6.2.11 - ASUSTeK COMPUTER INC.)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.4.6.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{ec89ca82-ee79-4e81-b2de-dc9328a482f2}) (Version: 1.4.6.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{BC4DB8AE-8E55-4B06-8656-FB1E4A035A11}) (Version: 6.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{f9a8e352-4536-4d05-a61c-6586b177bc28}) (Version: 6.5.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.2 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{00aac91e-7198-484b-b29d-1c9990d843ae}) (Version: 1.5.0.2 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.05.10 - ASUSTeK COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.4.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.05.06 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.145 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{86D4C8A2-DB22-4948-950D-28DD5145F91C}) (Version: 1.1.29 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{f70a8a88-540d-485d-9aa8-001486fb050e}) (Version: 1.1.29 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.49 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.49 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.08.52 - ASUSTeK COMPUTER INC.) Hidden
AURA Service (HKLM-x32\...\{bb9ee5ec-749d-429a-ad53-7c1a8d164e04}) (Version: 3.08.52 - ASUSTeK COMPUTER INC.)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.57.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{aed74e04-f110-4d4d-bcfc-e8e9ad5fc0aa}) (Version: 1.1.57.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{c1d017c2-8846-4000-9254-5689eccd462e}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 144.0.7559.96 - Google LLC)
Hollywood FX Volumes 1-3 (HKLM\...\{48C2040D-B49F-4B4D-AE4A-0DCED3305692}) (Version: 3.0 - Corel Corporation)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.39 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{20c88a0d-98f7-40db-b062-3f319a507889}) (Version: 1.1.39 - KINGSTON COMPONENTS INC.) Hidden
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.13 (x64) (HKLM\...\{6CD2C0A9-55E7-4133-BC19-205CCF2B64C9}) (Version: 64.52.27977 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.13 (x64) (HKLM\...\{BB5AC4BC-A263-43DA-A530-9CB56342D6B8}) (Version: 64.52.27977 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.13 (x64) (HKLM\...\{C7FB4EEE-D481-4AC1-B113-120A9124FE50}) (Version: 64.52.27977 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.13 (x64) (HKLM-x32\...\{8def024a-2c3c-4c48-a40d-05682ee1ec65}) (Version: 8.0.13.34516 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 144.0.3719.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 144.0.3719.93 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\OneDriveSetup.exe) (Version: 25.243.1211.0001 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.28902 - Microsoft)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox) (Version: 146.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 135.0 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange Editor (HKLM\...\{D0B4B563-918D-42CE-8ADF-1E1549A7DCF9}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{e63a1903-34cf-4f96-90f3-fb0c70694630}) (Version: 7.0.324.3 - Tracker Software Products (Canada) Ltd.)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.245 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{91D1B712-604F-49C8-943F-FD257D647161}) (Version: 19.1 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.1.3.320 - Corel Corporation)
REDlauncher (HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED)
Registrace uživatele zařízení Canon MG3200 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3200 series) (Version: - Canon Inc.‎)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 3.3.12.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.9.0.0 - Samsung Electronics Co., Ltd.)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24094.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.24094.1 - Samsung Electronics Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-01-23] ()
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2025-07-12] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.9.0_x64__qmba6cd70vzyy [2025-12-17] (ASUSTeK COMPUTER INC.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-02-12] (Microsoft Corp.)
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.4.37.0_x64__8wekyb3d8bbwe [2025-11-28] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2025-02-11] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-07] (NVIDIA Corp.)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0 [2026-01-16] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\RSlos\AppData\Local\Microsoft\OneDrive\25.243.1211.0001\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\RSlos\AppData\Local\Microsoft\OneDrive\25.243.1211.0001\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1965252194-2230838174-2805914660-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\RSlos\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.28902\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-01-20] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => D:\Programs\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-02-27] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programs\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_aa54f7a758543a0a\nvshext.dll [2024-11-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programs\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2014-01-08] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2025-06-19 16:14 - 2025-02-03 16:17 - 000349184 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2025-03-05 16:34 - 2012-03-28 18:01 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-04-01 08:26 - 2024-04-01 08:24 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.1.1
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\Examples\Wallpapers\Hamad Darwish (7).jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C543EDFAD1B810FB9BE29157554F9BEC"
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1965252194-2230838174-2805914660-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D955988A-A71B-47A9-92AA-C9DC0DC4EF07}] => (Allow) C:\Users\RSlos\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{6C2D8810-0743-4D4A-B6D6-6FB2FE828C51}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9351A06C-5D08-4088-85EE-D92E21EF1B24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CC85613F-E509-43EB-A0F7-BA686CA557A0}] => (Allow) D:\Programs\Pinnacle\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{4F9454B6-C3E6-4867-B049-05CC63866A8E}] => (Allow) D:\Programs\Pinnacle\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0211B5CA-7CF1-4046-BAFB-61E650F64784}] => (Allow) D:\Programs\Pinnacle\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{5BC0FFDB-26FF-4725-AC8A-07F04D5610AE}] => (Allow) D:\Programs\Pinnacle\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{F1FA1B53-4A11-4C05-A46F-A04EC0D41FE6}] => (Allow) D:\Programs\Pinnacle\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{FF730039-34CA-46F5-99EB-992829D6AA7D}] => (Allow) D:\Programs\Pinnacle\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{70E95F38-2F60-4426-95E9-A56EAB39A5F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{32C31587-A697-44D5-A8AE-A6564AB001D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{489F00E0-3C6E-48BE-AAD2-F4C553536ADB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{D96307E3-F15E-488B-BDAF-F4CC12483812}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{50DDF47D-8F46-4615-8848-23874D653B47}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{9DDE2F6C-30CC-4D3C-96C3-513927262082}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{D279D1B3-4DD5-45EF-BFF6-3D57248E33A4}E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Block) E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe => No File
FirewallRules: [UDP Query User{7A579673-FC58-4F8F-AEA8-60CD68AF8112}E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Block) E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe => No File
FirewallRules: [TCP Query User{B9764F29-B717-49CA-B8E2-D4EEF7E32BE6}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [UDP Query User{43BDE742-9E99-484A-8EAA-BBE2885A1CF0}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [TCP Query User{FA8AB47D-15F3-43D2-86F0-5E4A1F0699AD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6E28CBC4-A74A-4F94-9AD8-2AB4650A8E05}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04AD0C16-EEC1-47B3-B398-72A83ABED82C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{0AC918DC-9FEE-4337-984C-8E125EA69DA1}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{A1835894-C48C-4A40-BB56-5354AF848E94}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{9D6BAB66-E5F4-4451-95FC-5F5EA5C5336F}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{302FC022-1948-44D1-AB53-3F5B64F14EEE}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{755EB247-3035-407A-B4E7-8E40A053759C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{AC91C145-D30E-4808-BFEE-3D6B70833A8C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{F524A3BC-5136-4551-9018-6E0663B3D26B}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{1E83B02D-6356-417C-8ABB-DF810AE884F2}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{EA1F282E-96DF-4262-87C8-70F89EA8CE2D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{9F7083B9-6D40-48A5-AC05-5A55E7506CD9}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{DDFCD51C-715D-49C8-875C-62A444CA8681}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{1DF3D5B2-B764-4885-96D6-2BC7DDECB426}] => (Allow) E:\program files\asus\aacambienthal\aacambientlighting.exe => No File
FirewallRules: [{80BADE11-CB6B-4863-BC6F-CA4476BB0B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [{14F70F7E-BF18-4F51-BCE7-DD5E3AA2A453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [{13791279-384C-442B-81FD-6B885046C38E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech)
FirewallRules: [{C2E5A336-972B-403E-835B-679C011BC15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech)
FirewallRules: [{91BFFFF4-7DD6-4DEA-A881-DE131A3FCC22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [{38F616E0-E7EC-4634-9BE6-DD105A28779D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [TCP Query User{B880478F-07FC-4ACF-A123-F2E982FCB691}D:\programs\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{E81A401C-E241-406A-BD0B-F691604A45B3}D:\programs\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\programs\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{5C3DCA5F-D1C6-4A88-9245-6B90E54D2256}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{2FD1C432-E3F9-4184-87FF-836F5C28016D}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{BD9E6989-B9BF-4AA3-B164-1CBFD428ECC8}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [{88287CC4-7B62-45B3-9E7F-B7DF8324A3AE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A897AAC2-649F-49BA-9753-4F0B8E108B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C03D6310-7787-4D47-B627-CC3FF7CE92FF}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{9D347CF1-6338-4F37-B1AD-FD2BEC078B34}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{24C76520-AFF1-41BB-969D-C001D55E85FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5AA6A906-BC25-418A-B722-21C2900EC6F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2D6D41E9-1D39-42D6-A9B0-64D1EF34B5E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AF35CB88-8075-4093-8E7A-3BDA04CDFED4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EF46B57B-4DC7-4AEB-BF2D-6F0E8AC96178}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E61BE991-CDF7-4D26-87AD-A81F19752450}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D211590C-733D-4275-8770-5EF00E0329B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CB434548-DE67-4F9B-9627-07A19A028BAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85E14512-9C7F-4EA8-9ED9-D38E35BB1E41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6F64815E-2DB3-44BF-A966-00A07237145A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{97F55EBE-3B74-426F-AF78-01D5A1480203}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A192BC22-945B-4F77-8B87-6288A173B395}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{723D4C2D-B4B1-45F7-B0BE-81C4EA26C10D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.281.264.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7DA81383-4B6D-45FE-8839-06F373325BA2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{932C8BFB-14AC-46CE-BCDC-18BC9FE7982D}] => (Allow) E:\SteamLibrary\steamapps\common\narcissu2\narci2.exe (Studio OGA/insani/Haeleth/Sonozaki) [File not signed]
FirewallRules: [{22A5BD41-0678-4F4D-835A-90D310D95915}] => (Allow) E:\SteamLibrary\steamapps\common\narcissu2\narci2.exe (Studio OGA/insani/Haeleth/Sonozaki) [File not signed]
FirewallRules: [{98F02558-2745-4D66-8C80-6DA5FD31CE61}] => (Allow) E:\SteamLibrary\steamapps\common\DUET\DUET\DUET.exe () [File not signed]
FirewallRules: [{7534CB37-7849-49D0-ACC1-F135C5F1E05E}] => (Allow) E:\SteamLibrary\steamapps\common\DUET\DUET\DUET.exe () [File not signed]
FirewallRules: [{5C7DFAC4-B028-4B1E-A414-F4369C1D2EF1}] => (Allow) E:\SteamLibrary\steamapps\common\A Date with Death\ADatewithDeath.exe () [File not signed]
FirewallRules: [{3FCCCB76-C668-4570-B2CE-026CFD7ACD70}] => (Allow) E:\SteamLibrary\steamapps\common\A Date with Death\ADatewithDeath.exe () [File not signed]
FirewallRules: [{98F42D58-342D-41AB-B413-ECA53805EBE9}] => (Allow) E:\SteamLibrary\steamapps\common\Paper Lily - Project Kat\ProjectKat.exe (Leef 6010) [File not signed]
FirewallRules: [{9AC29EF1-4C00-433E-9606-C66FA8515C59}] => (Allow) E:\SteamLibrary\steamapps\common\Paper Lily - Project Kat\ProjectKat.exe (Leef 6010) [File not signed]

==================== Restore Points =========================

19-01-2026 15:26:40 Windows Update
19-01-2026 15:26:46 Windows Update
22-01-2026 16:03:18 Windows Update
26-01-2026 15:17:12 Windows Update

==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič RAID
Description: Řadič RAID
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/29/2026 06:15:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7309_none_3e05feeae336a044.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7623_none_85b5be99f7b06325.manifest.

Error: (01/29/2026 06:06:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7309_none_3e05feeae336a044.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7623_none_85b5be99f7b06325.manifest.

Error: (01/29/2026 02:59:55 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (01/29/2026 02:59:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7309_none_3e05feeae336a044.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7623_none_85b5be99f7b06325.manifest.

Error: (01/28/2026 12:10:29 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 1.25121.73.0 programu Copilot.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (01/28/2026 12:09:56 PM) (Source: Application Error) (EventID: 1000) (User: PC)
Description: Název chybující aplikace: Copilot.exe, verze: 1.25121.73.0, časové razítko: 0x68d50000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffb8d01b701
ID chybujícího procesu: 0x39f8
Čas spuštění chybující aplikace: 0x1dc904482cb0885
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Copilot_1.25121.73.0_x64__8wekyb3d8bbwe\Copilot.exe
Cesta k chybujícímu modulu: unknown
ID sestavy: 57acae71-21f3-4764-93b0-c50b69d1d901
Celý název chybujícího balíčku: Microsoft.Copilot_1.25121.73.0_x64__8wekyb3d8bbwe
ID chybující aplikace relativní vzhledem k balíčku: App

Error: (01/28/2026 12:09:56 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: Copilot.exe
CoreCLR Version: 9.0.1025.47515
.NET Version: 9.0.10
Description: The application requested process termination through System.Environment.FailFast.
Message: Task Faulted at File: UXHostApplication.cs Method: OnLaunched Line: 81
Description: The process was terminated due to an unhandled exception.System.TypeInitializationException: The type initializer for 'CopilotNative.Core.UX.Controls.TextBlockEx' threw an exception.
---> System.Runtime.InteropServices.COMException (0x8001010E)
at WinRT.ExceptionHelpers.<ThrowExceptionForHR>g__Throw|38_0(Int32 hr)
at ABI.Microsoft.UI.Xaml.IApplicationMethods.get_Resources(IObjectReference _obj)
at Microsoft.UI.Xaml.Application.get_Resources()
at CopilotNative.Core.UX.Controls.TextBlockEx..cctor()
--- End of inner exception stack trace ---
at CopilotNative.Core.UX.Controls.TextBlockEx.remove_HyperlinkClicked(TypedEventHandler`2 value)
at CopilotNative.Providers.CopilotOnTaskbarDiscoveryDialogProvider.Dispose()
at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.<DisposeAsync>g__Await|26_0(Int32 i, ValueTask vt, List`1 toDispose)
at Microsoft.Extensions.Hosting.Internal.Host.DisposeAsync()
at CopilotNative.UXHostApplication.OnLaunchedAsync(DateTimeOffset startTimeUtc, TimingBundle timingBundle, CancellationToken token)
Stack:
at System.Environment.FailFast(System.Runtime.CompilerServices.StackCrawlMarkHandle, System.String, System.Runtime.CompilerServices.ObjectHandleOnStack, System.String)
at System.Environment.FailFast(System.Threading.StackCrawlMark ByRef, System.String, System.Exception, System.String)
at System.Environment.FailFast(System.String, System.Exception)
at CopilotNative.Core.Utilities.Extensions.TaskExtensions+<>c__DisplayClass6_0.<HandleTaskContinueWith>b__0(System.Threading.Tasks.Task)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef, System.Threading.Thread)
at System.Threading.Tasks.ThreadPoolTaskScheduler.TryExecuteTaskInline(System.Threading.Tasks.Task, Boolean)
at System.Threading.Tasks.TaskScheduler.TryRunInline(System.Threading.Tasks.Task, Boolean)
at System.Threading.Tasks.TaskContinuation.InlineIfPossibleOrElseQueue(System.Threading.Tasks.Task, Boolean)
at System.Threading.Tasks.ContinueWithTaskContinuation.Run(System.Threading.Tasks.Task, Boolean)
at System.Threading.Tasks.Task.RunContinuations(System.Object)
at System.Threading.Tasks.Task.FinishSlow(Boolean)
at System.Threading.Tasks.Task.TrySetException(System.Object)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1[[System.Threading.Tasks.VoidTaskResult, System.Private.CoreLib, Version=9.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]].SetException(System.Exception, System.Threading.Tasks.Task`1<System.Threading.Tasks.VoidTaskResult> ByRef)
at CopilotNative.UXHostApplication+<OnLaunchedAsync>d__14.MoveNext()
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1+AsyncStateMachineBox`1[[System.Threading.Tasks.VoidTaskResult, System.Private.CoreLib, Version=9.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e],[CopilotNative.UXHostApplication+<OnLaunchedAsync>d__14, Copilot, Version=1.25121.73.0, Culture=neutral, PublicKeyToken=null]].ExecutionContextCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1+AsyncStateMachineBox`1[[System.Threading.Tasks.VoidTaskResult, System.Private.CoreLib, Version=9.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e],[CopilotNative.UXHostApplication+<OnLaunchedAsync>d__14, Copilot, Version=1.25121.73.0, Culture=neutral, PublicKeyToken=null]].MoveNext(System.Threading.Thread)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1+AsyncStateMachineBox`1[[System.Threading.Tasks.VoidTaskResult, System.Private.CoreLib, Version=9.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e],[CopilotNative.UXHostApplication+<OnLaunchedAsync>d__14, Copilot, Version=1.25121.73.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
at CopilotNative.Core.UX.DispatcherQueueSynchronizationContext+<>c__DisplayClass2_0.<Post>b__0(System.Object)
at CopilotNative.Core.UX.DispatcherQueueSynchronizationContext+Invoker.InvokeCore()
at CopilotNative.Core.UX.DispatcherQueueSynchronizationContext+Invoker.InvokeInContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at CopilotNative.Core.UX.DispatcherQueueSynchronizationContext+Invoker.Invoke()
at ABI.Microsoft.UI.Dispatching.DispatcherQueueHandler.Do_Abi_Invoke(IntPtr)
at ABI.Microsoft.UI.Xaml.IApplicationStaticsMethods.Start(WinRT.IObjectReference, Microsoft.UI.Xaml.ApplicationInitializationCallback)
at Microsoft.UI.Xaml.Application.Start(Microsoft.UI.Xaml.ApplicationInitializationCallback)
at CopilotNative.Extensions.IHostExtensions.RunApplication(Microsoft.Extensions.Hosting.IHost, System.Func`1<CopilotNative.UXHostApplication>)
at CopilotNative.Program.Main(System.String[])

Error: (01/28/2026 11:54:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro D:\Programs\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7309_none_3e05feeae336a044.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.7623_none_85b5be99f7b06325.manifest.


System errors:
=============
Error: (01/29/2026 06:20:32 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:0407;OEMModelBaseBoard:PRIME B760M-K D4;OEMManufacturerName:ASUS;OSArchitecture:amd64;
BucketId: 1cb243beada2b81b54b8fc201503235785a5fa426933edd7ba0b77fc2f73489f
BucketConfidenceLevel:
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (01/29/2026 06:11:06 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:0407;OEMModelBaseBoard:PRIME B760M-K D4;OEMManufacturerName:ASUS;OSArchitecture:amd64;
BucketId: 1cb243beada2b81b54b8fc201503235785a5fa426933edd7ba0b77fc2f73489f
BucketConfidenceLevel:
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (01/29/2026 03:04:32 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:0407;OEMModelBaseBoard:PRIME B760M-K D4;OEMManufacturerName:ASUS;OSArchitecture:amd64;
BucketId: 1cb243beada2b81b54b8fc201503235785a5fa426933edd7ba0b77fc2f73489f
BucketConfidenceLevel:
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (01/28/2026 08:09:50 PM) (Source: DCOM) (EventID: 10000) (User: PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/28/2026 05:56:39 PM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY)
Description: Hardwarové hodiny v reálném čase nebyly nastaveny, protože selhalo vyhodnocení metody ACPI Time and Alarm Device. Stav: 3221225473.

Error: (01/28/2026 05:56:39 PM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY)
Description: Hardwarové hodiny v reálném čase nebyly nastaveny, protože selhalo vyhodnocení metody ACPI Time and Alarm Device. Stav: 3221225473.

Error: (01/28/2026 05:56:39 PM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY)
Description: Hardwarové hodiny v reálném čase nebyly nastaveny, protože selhalo vyhodnocení metody ACPI Time and Alarm Device. Stav: 3221225473.

Error: (01/28/2026 05:53:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.


Windows Defender:
================
Date: 2026-01-29 18:03:19
Description:
Antivirová ochrana v programu Microsoft Defender śсǻη ħдѕ ъэεή šтőρρéδ ьëƒόѓë ςσмрļєťíőň.%л %τŞčąη ĮÐ:%в{ADEE5ECD-FF72-478A-A889-58BD950CE4FF}%й %ŧŚčâń Τỳφε:%вAntimalwarový program%ń %ŧŜċăņ Ρдѓámĕťëяš:%ъVlastní prohledávání%π %ţÚѕêґ:%ьPC\RSlos%ń %тŠŧõρ Ŕéāşôň:%ьŪⁿкйθẃή

Date: 2026-01-29 17:56:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.EN.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\Downloads\01_OnlyFans_Full_DB_drive.google.com_260128_dirv2.vbs
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PC\RSlos
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.443.906.0, AS: 1.443.906.0, NIS: 1.443.906.0
Verze modulu: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-28 19:10:56
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\$RECYCLE.BIN\S-1-5-21-1965252194-2230838174-2805914660-1001\$R8KEJ3Q.vbs
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: PC\RSlos
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.443.886.0, AS: 1.443.886.0, NIS: 1.443.886.0
Verze modulu: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-28 18:20:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\Downloads\2.74_BTC_Wallet_Transaction_ID_260128vd2.vbs
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PC\RSlos
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.443.886.0, AS: 1.443.886.0, NIS: 1.443.886.0
Verze modulu: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-25 13:36:44
Description:
Antivirová ochrana v programu Microsoft Defender śсǻη ħдѕ ъэεή šтőρρéδ ьëƒόѓë ςσмрļєťíőň.%л %τŞčąη ĮÐ:%в{4EAB6666-3DEF-4BCB-A170-41D3E4BC2361}%й %ŧŚčâń Τỳφε:%вAntimalwarový program%ń %ŧŜċăņ Ρдѓámĕťëяš:%ъRychlé prohledávání%π %ţÚѕêґ:%ьNT AUTHORITY\SYSTEM%ń %тŠŧõρ Ŕéāşôň:%ьΓΡ€ çоňиέčťíбʼn ŗúⁿδόώй
Event[0]

Date: 2026-01-18 11:54:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.443.706.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25110.1
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2026-01-18 09:03:59
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.443.706.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25110.1
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2026-01-17 20:36:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.443.706.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25110.1
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2026-01-17 20:09:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.443.706.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25110.1
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2026-01-17 19:51:43
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.443.706.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25110.1
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

CodeIntegrity:
===============
Date: 2025-10-05 12:56:42
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\RSlos\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0407 11/16/2022
Motherboard: ASUSTeK COMPUTER INC. PRIME B760M-K D4
Processor: Intel(R) Core(TM) i5-14400
Percentage of memory in use: 17%
Total physical RAM: 32577.87 MB
Available physical RAM: 26762.1 MB
Total Virtual: 34625.87 MB
Available Virtual: 27957.06 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:232.06 GB) (Free:125.73 GB) (Model: Samsung SSD 860 EVO 250GB) (Protected) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:539.31 GB) (Model: ST1000DM003-1CH162) NTFS
Drive e: (DATA_2) (Fixed) (Total:931.31 GB) (Free:685.57 GB) (Model: ST1000DM003-1CH162) NTFS

\\?\Volume{5e73f3a5-38f4-4613-9ec6-7168b2f1f4c9}\ () (Fixed) (Total:0.71 GB) (Free:0.09 GB) NTFS
\\?\Volume{280c8559-c876-4c17-b9e3-0bc4be4ee020}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BCE5A315)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 856E1FCF)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 67D6D998)
Partition 1: (Active) - (Size=931.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Ještě poprosím O sken ADW Cleanerem. Onlyfans může být celkem závažný.

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[pasik68]

šlo pouze skenovat,opravy a čištění nenabídl.
# -------------------------------
# Malwarebytes AdwCleaner 8.7.0.619
# -------------------------------
# Build: 12-17-2025
# Database: 2025-12-16.1 (Cloud)
# Support: https://help.malwarebytes.com/
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-29-2026
# Duration: 00:00:05
# OS: Windows 11 (Build 26200.7623)
# Scanned: 32071
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Folder C:\Users\RSlos\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Totzo je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "D:\Programs\System Explorer\SystemExplorer.exe" /TRAY (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz159; \??\C:\Windows\temp\cpuz159\cpuz159_x64.sys [X] <==== ATTENTION
C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [{489F00E0-3C6E-48BE-AAD2-F4C553536ADB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{D96307E3-F15E-488B-BDAF-F4CC12483812}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{50DDF47D-8F46-4615-8848-23874D653B47}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{9DDE2F6C-30CC-4D3C-96C3-513927262082}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{B9764F29-B717-49CA-B8E2-D4EEF7E32BE6}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [UDP Query User{43BDE742-9E99-484A-8EAA-BBE2885A1CF0}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [{04AD0C16-EEC1-47B3-B398-72A83ABED82C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{0AC918DC-9FEE-4337-984C-8E125EA69DA1}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{A1835894-C48C-4A40-BB56-5354AF848E94}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{9D6BAB66-E5F4-4451-95FC-5F5EA5C5336F}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{302FC022-1948-44D1-AB53-3F5B64F14EEE}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{755EB247-3035-407A-B4E7-8E40A053759C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{AC91C145-D30E-4808-BFEE-3D6B70833A8C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{F524A3BC-5136-4551-9018-6E0663B3D26B}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{1DF3D5B2-B764-4885-96D6-2BC7DDECB426}] => (Allow) E:\program files\asus\aacambienthal\aacambientlighting.exe => No File
FirewallRules: [TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{BD9E6989-B9BF-4AA3-B164-1CBFD428ECC8}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
D:\Downloads\01_OnlyFans_Full_DB_drive.google.com_260128_dirv2.vbs
D:\$RECYCLE.BIN\S-1-5-21-1965252194-2230838174-2805914660-1001\$R8KEJ3Q.vbs
D:\Downloads\2.74_BTC_Wallet_Transaction_ID_260128vd2.vbs

EmptyTemp:
End

Uložte do D:\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[pasik68]

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-01-2026
Ran by RSlos (29-01-2026 20:17:20) Run:1
Running from D:\Downloads
Loaded Profiles: RSlos
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "D:\Programs\System Explorer\SystemExplorer.exe" /TRAY (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz159; \??\C:\Windows\temp\cpuz159\cpuz159_x64.sys [X] <==== ATTENTION
C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [{489F00E0-3C6E-48BE-AAD2-F4C553536ADB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{D96307E3-F15E-488B-BDAF-F4CC12483812}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{50DDF47D-8F46-4615-8848-23874D653B47}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{9DDE2F6C-30CC-4D3C-96C3-513927262082}] => (Allow) C:\Users\RSlos\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [TCP Query User{B9764F29-B717-49CA-B8E2-D4EEF7E32BE6}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [UDP Query User{43BDE742-9E99-484A-8EAA-BBE2885A1CF0}K:\bin\miniweb.exe] => (Allow) K:\bin\miniweb.exe => No File
FirewallRules: [{04AD0C16-EEC1-47B3-B398-72A83ABED82C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{0AC918DC-9FEE-4337-984C-8E125EA69DA1}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{A1835894-C48C-4A40-BB56-5354AF848E94}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{9D6BAB66-E5F4-4451-95FC-5F5EA5C5336F}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{302FC022-1948-44D1-AB53-3F5B64F14EEE}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{755EB247-3035-407A-B4E7-8E40A053759C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{AC91C145-D30E-4808-BFEE-3D6B70833A8C}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{F524A3BC-5136-4551-9018-6E0663B3D26B}] => (Allow) D:\Programs\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{1DF3D5B2-B764-4885-96D6-2BC7DDECB426}] => (Allow) E:\program files\asus\aacambienthal\aacambientlighting.exe => No File
FirewallRules: [TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{BD9E6989-B9BF-4AA3-B164-1CBFD428ECC8}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe => No File
D:\Downloads\01_OnlyFans_Full_DB_drive.google.com_260128_dirv2.vbs
D:\$RECYCLE.BIN\S-1-5-21-1965252194-2230838174-2805914660-1001\$R8KEJ3Q.vbs
D:\Downloads\2.74_BTC_Wallet_Transaction_ID_260128vd2.vbs

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SystemExplorerAutoStart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz159 => removed successfully
cpuz159 => service removed successfully
Could not move "C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\Users\RSlos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{489F00E0-3C6E-48BE-AAD2-F4C553536ADB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D96307E3-F15E-488B-BDAF-F4CC12483812}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50DDF47D-8F46-4615-8848-23874D653B47}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DDE2F6C-30CC-4D3C-96C3-513927262082}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B9764F29-B717-49CA-B8E2-D4EEF7E32BE6}K:\bin\miniweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{43BDE742-9E99-484A-8EAA-BBE2885A1CF0}K:\bin\miniweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04AD0C16-EEC1-47B3-B398-72A83ABED82C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0AC918DC-9FEE-4337-984C-8E125EA69DA1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1835894-C48C-4A40-BB56-5354AF848E94}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D6BAB66-E5F4-4451-95FC-5F5EA5C5336F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{302FC022-1948-44D1-AB53-3F5B64F14EEE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{755EB247-3035-407A-B4E7-8E40A053759C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC91C145-D30E-4808-BFEE-3D6B70833A8C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F524A3BC-5136-4551-9018-6E0663B3D26B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DF3D5B2-B764-4885-96D6-2BC7DDECB426}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD9E6989-B9BF-4AA3-B164-1CBFD428ECC8}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A7E5DDA-EE7D-4284-8973-0020D9925D81}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe" => not found
"D:\Downloads\01_OnlyFans_Full_DB_drive.google.com_260128_dirv2.vbs" => not found
"D:\$RECYCLE.BIN\S-1-5-21-1965252194-2230838174-2805914660-1001\$R8KEJ3Q.vbs" => not found
"D:\Downloads\2.74_BTC_Wallet_Transaction_ID_260128vd2.vbs" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11789893 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 610384390 B
Windows/system/drivers => 4414577 B
Edge => 1508064 B
Chrome => 1975008 B
Firefox => 29671505 B
Opera => 0 B

Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3653 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1286 B
RSlos => 68588 B

RecycleBin => 12169035 B
EmptyTemp: => 642.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-01-2026 20:18:11)

C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move

==== End of Fixlog 20:18:12 ====

[Rudy]

Vše bylo smazáno, PC by měl být již čistý.

[pasik68]

Díky moc, posílám příspěvek.

[Rudy]

Za příspěvek děkujeme a nemáte zač!