Zdravím,
norton power eraser mi našel v pc nějakou havět, ale u jednoho souboru (btha2dp.sys) ji nedokáže odstranit.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2026
Ran by robin (administrator) on PC (Gigabyte Technology Co., Ltd. A620M GAMING X) (21-04-2026 18:49:47)
Running from C:\Users\robin\Desktop\FRST64.exe
Loaded Profiles: robin & Rob
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe ->) (Logitech Inc -> ) C:\Program Files\Logi\LogiPluginService\LogiPluginServiceExt.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(DriverStore\FileRepository\u0405277.inf_amd64_00f6bd87014da3b2\B404941\atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405277.inf_amd64_00f6bd87014da3b2\B404941\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2601.12.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405277.inf_amd64_00f6bd87014da3b2\B404941\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc55ecfca814224\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4401706d277a86e0\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4401706d277a86e0\RtkAudUService64.exe [1886616 2023-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3952720 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2526688 2026-04-16] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2287906516-366990468-377022076-1010\...\Run: [MicrosoftEdgeAutoLaunch_C29AEE9D78A5497880E4815AC2DDEBDB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026856 2026-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.102\Installer\chrmstp.exe [7429272 2026-04-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {A5D58C2B-4A75-4964-B64D-F32A7EC098BE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [671440 2024-07-24] (Advanced Micro Devices -> )
Task: {B8D5A29D-F250-4BF6-994F-A26E19014D03} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{35CB6863-B582-4967-A6E5-337E8DAB936A} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [6517400 2026-03-12] (Google LLC -> Google LLC)
Task: {49EC0529-479A-425B-81FA-1B61090F182B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {563B63CB-5B66-48B2-A416-DF77BB89E710} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1EFE4DC-989C-4EEE-B88E-01BB0CF0B1E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A6888BA0-CD3E-4826-B6F5-FF2B104CEDB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F2F17F2-BB58-47DC-BBA9-38985B1493DA} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2287906516-366990468-377022076-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705152 2026-04-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {7268B805-B88E-47DD-AB00-82FD37651DFD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-04-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {9DBEEF93-438D-4946-A201-6CB9AE624AD9} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3337328 2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{61898aea-927b-4d01-86d9-80f8fc2267b7}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: xw42x6tx.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\9cel8fmy.default [2026-02-28]
FF ProfilePath: C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release [2026-04-21]
FF DownloadDir: D:\stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\xw42x6tx.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\xw42x6tx.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\xw42x6tx.default-release -> hxxps://www.facebook.com; hxxps://www.youtube.com
FF Extension: (Ghostery AdBlocker for Privacy) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\firefox@ghostery.com.xpi [2026-04-09]
FF Extension: (Image downloader - Imageye) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\imageye@marenauta.com.xpi [2026-04-11]
FF Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2025-11-25]
FF Extension: (uBlock Origin) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\uBlock0@raymondhill.net.xpi [2026-03-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2025-03-28]
FF Extension: (Manga Downloader) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\{1462db07-8e35-4dee-b90d-591e29e29f47}.xpi [2026-04-11]
FF Extension: (Photon Colors) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2024-02-25]
FF Extension: (Search on Google Lens) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\{56b8308e-566b-4dc0-9957-f6341ceb8552}.xpi [2025-12-12]
FF Extension: (DownThemAll!) - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xw42x6tx.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2025-12-03]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2026-03-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2026-03-17] (Adobe Inc. -> Adobe Systems)
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\robin\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-20]
Edge Extension: (Dokumenty Google offline) - C:\Users\robin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-28]
Edge Extension: (Edge relevant text changes) - C:\Users\robin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-11-01]
Edge Profile: C:\Users\robin\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2026-03-01]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default [2026-04-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2026-04-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944608 2026-03-17] (Adobe Inc. -> Adobe Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9893864 2024-06-25] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc55ecfca814224\Display.NvContainer\NVDisplay.Container.exe [1275624 2026-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [21837464 2026-04-20] (Logitech Inc -> Logitech, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [878840 2026-04-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [55456 2024-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0405277.inf_amd64_00f6bd87014da3b2\B404941\amdkmdag.sys [106144848 2024-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-01-17] (Microsoft Corporation) [File not signed]
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-06-25] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [89064 2024-06-25] (Logitech Inc -> Logitech, Inc.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_92b2eef9fcc25565\rt68cx21x64.sys [779752 2023-12-18] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-04-21 18:49 - 2026-04-21 18:50 - 000016413 _____ C:\Users\robin\Desktop\FRST.txt
2026-04-21 18:49 - 2026-04-21 18:49 - 000000000 ____D C:\FRST
2026-04-21 18:48 - 2026-04-21 18:48 - 002447360 _____ (Farbar) C:\Users\robin\Desktop\FRST64.exe
2026-04-21 18:34 - 2026-04-21 18:34 - 000000000 ____D C:\Users\robin\AppData\Local\DBG
2026-04-21 16:15 - 2026-04-21 16:15 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2026-04-21 16:15 - 2026-04-21 16:15 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2026-04-21 16:10 - 2026-04-21 16:10 - 000001426 _____ C:\WINDOWS\ntbtlog.txt
2026-04-21 15:21 - 2026-04-21 15:21 - 000119048 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR540.SYS.bak
2026-04-21 15:20 - 2026-04-21 15:20 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2026-04-21 15:20 - 2026-04-21 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2026-04-21 15:20 - 2026-04-21 15:20 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2026-04-19 07:46 - 2026-04-21 18:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-04-16 19:30 - 2026-04-16 19:30 - 000001349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2026-04-13 20:43 - 2026-04-13 20:43 - 000000000 ____D C:\Users\robin\AppData\Roaming\Microsoft\IME
2026-04-12 09:09 - 2026-04-12 09:09 - 000000080 _____ C:\Users\robin\Desktop\kagane.bat
2026-04-12 06:59 - 2026-04-12 09:06 - 000000000 ____D C:\Users\robin\AppData\Roaming\undetected_chromedriver
2026-04-12 06:57 - 2026-04-12 06:57 - 000000000 ____D C:\Users\robin\AppData\Local\KaganeDownloader
2026-04-12 06:55 - 2026-04-12 06:59 - 000000000 ____D C:\Users\robin\kagane-downloader
2026-04-12 06:46 - 2026-04-21 01:58 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-12 06:46 - 2026-04-12 15:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2026-04-12 06:46 - 2026-04-12 06:46 - 000000000 ____D C:\Users\robin\AppData\Local\Google
2026-04-12 06:46 - 2026-04-12 06:46 - 000000000 ____D C:\Program Files\Google
2026-04-12 06:45 - 2026-04-12 06:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2026-04-12 06:45 - 2026-04-12 06:45 - 000000000 ____D C:\Program Files (x86)\Google
2026-04-12 06:38 - 2026-04-12 06:38 - 000000000 ____D C:\Users\robin\AppData\Local\pip
2026-04-12 06:36 - 2026-04-12 06:36 - 000001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2026.lnk
2026-04-12 06:36 - 2026-04-12 06:36 - 000000000 ____D C:\Program Files\Git
2026-04-12 06:32 - 2026-04-12 06:32 - 000000000 ____D C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.14
2026-04-12 06:32 - 2026-04-12 06:32 - 000000000 ____D C:\Users\robin\AppData\Local\Package Cache
2026-04-11 20:39 - 2026-04-11 20:48 - 000000000 ____D C:\Users\robin\AppData\Local\ms-playwright
2026-04-11 19:51 - 2026-04-11 20:35 - 000000063 _____ C:\Users\robin\.node_repl_history
2026-04-11 19:50 - 2026-04-11 21:18 - 000020580 _____ C:\Users\robin\package-lock.json
2026-04-11 19:50 - 2026-04-11 21:18 - 000000318 _____ C:\Users\robin\package.json
2026-04-11 19:50 - 2026-04-11 21:18 - 000000000 ____D C:\Users\robin\node_modules
2026-04-11 19:50 - 2026-04-11 19:50 - 000000000 ____D C:\Users\robin\AppData\Local\npm-cache
2026-04-11 19:48 - 2026-04-11 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2026-04-11 19:48 - 2026-04-11 19:48 - 000000000 ____D C:\Program Files\nodejs
2026-04-10 23:07 - 2026-04-10 23:07 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-10 23:07 - 2026-04-10 23:07 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-04-10 23:07 - 2026-04-10 23:07 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-04-10 23:07 - 2026-04-10 23:07 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-04-10 23:07 - 2026-04-10 23:07 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-04-10 23:07 - 2026-04-10 23:07 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-04-07 15:30 - 2026-04-11 05:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-04-05 11:04 - 2026-04-21 15:52 - 000000000 ____D C:\Program Files\7-Zip
2026-04-05 10:56 - 2026-04-05 11:00 - 000000000 ____D C:\Users\robin\AppData\Roaming\Filestar
2026-03-31 20:42 - 2026-04-20 19:04 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2026-04-21 18:48 - 2026-03-01 10:26 - 000000000 ____D C:\Users\robin\AppData\Local\NPE
2026-04-21 18:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-04-21 18:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-21 18:39 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-04-21 18:33 - 2026-03-18 01:27 - 000000000 ____D C:\Users\robin\AppData\Local\LogiOptionsPlus
2026-04-21 16:15 - 2025-01-18 09:24 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-04-21 16:15 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-04-21 16:10 - 2025-01-18 01:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-04-21 16:10 - 2025-01-18 01:20 - 000006570 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-21 16:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2026-04-21 16:10 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2026-04-21 16:10 - 2024-02-22 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-21 16:10 - 2024-02-09 18:33 - 000089336 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe
2026-04-21 16:10 - 2024-02-09 18:30 - 000906528 _____ C:\WINDOWS\system32\wpbbin.exe
2026-04-21 16:10 - 2024-02-09 18:30 - 000878840 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe
2026-04-21 16:10 - 2024-02-09 18:30 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-21 16:03 - 2024-03-02 23:40 - 000000000 ____D C:\Hry
2026-04-21 15:58 - 2025-01-18 01:19 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-04-21 15:52 - 2024-05-19 12:57 - 000000000 ____D C:\SmartStitch
2026-04-21 15:52 - 2024-02-25 15:55 - 000000000 ____D C:\Program Files\Shareaza
2026-04-21 15:20 - 2024-10-14 20:07 - 000000000 ____D C:\ProgramData\Logi
2026-04-21 15:20 - 2024-06-25 17:17 - 000000000 ____D C:\Program Files\Logi
2026-04-21 01:07 - 2024-02-25 08:53 - 000000000 ____D C:\Users\robin\AppData\Local\D3DSCache
2026-04-20 21:48 - 2025-02-03 22:38 - 000000000 ____D C:\Users\robin\AppData\Roaming\Microsoft\Excel
2026-04-20 00:53 - 2026-03-18 01:28 - 000000000 ____D C:\Users\robin\AppData\Roaming\logioptionsplus
2026-04-18 10:58 - 2025-01-18 01:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2026-04-18 07:15 - 2024-02-09 18:31 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-17 16:36 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-17 01:54 - 2025-01-18 01:19 - 000506304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-04-17 01:53 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-04-17 01:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-04-16 22:30 - 2024-02-25 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-16 22:29 - 2024-02-25 16:24 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-16 19:30 - 2024-02-28 20:27 - 000000000 ____D C:\Program Files\Common Files\Adobe
2026-04-16 19:30 - 2024-02-28 20:27 - 000000000 ____D C:\Program Files\Adobe
2026-04-16 19:30 - 2024-02-28 20:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2026-04-16 19:30 - 2024-02-25 08:53 - 000000000 ____D C:\Users\robin\AppData\Local\CrashDumps
2026-04-16 18:51 - 2024-02-22 11:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2026-04-15 15:38 - 2025-01-18 09:20 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-14 16:07 - 2024-02-09 18:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-04-13 01:32 - 2025-01-17 17:25 - 000000000 ____D C:\Users\robin
2026-04-12 15:17 - 2025-09-27 18:44 - 000000000 ____D C:\WINDOWS\Minidump
2026-04-12 15:17 - 2024-02-22 10:53 - 000223232 ____N C:\WINDOWS\Minidump\041226-11406-01.dmp
2026-04-12 09:49 - 2024-02-29 18:00 - 000000000 ____D C:\Users\robin\AppData\Roaming\XnConvert
2026-04-12 09:03 - 2024-02-25 08:52 - 000000000 ____D C:\Users\robin\AppData\Local\Packages
2026-04-12 06:36 - 2025-10-28 11:08 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2026.lnk
2026-04-12 06:36 - 2024-11-14 17:01 - 000000000 ___HD C:\adobeTemp
2026-04-12 06:35 - 2024-02-28 20:27 - 000000000 ____D C:\ProgramData\Adobe
2026-04-11 18:44 - 2024-02-25 09:15 - 000000000 ____D C:\Users\robin\AppData\Local\NVIDIA
2026-04-11 05:28 - 2024-02-25 09:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-04-11 05:27 - 2025-07-21 07:42 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-04-11 05:27 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2026-04-11 05:27 - 2024-04-01 18:28 - 000000000 ____D C:\WINDOWS\system32\cs
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-04-11 05:27 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-11 05:27 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-04-11 05:26 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-10 23:13 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-04-10 23:13 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-04-10 15:25 - 2025-01-18 01:21 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-04-10 15:25 - 2025-01-18 01:21 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-04-09 22:02 - 2025-05-21 21:22 - 000000985 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2026-04-08 16:09 - 2025-01-18 01:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2026-04-08 16:09 - 2024-02-25 09:20 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-04-07 15:30 - 2025-12-12 21:27 - 000392320 _____ (Mozilla Foundation) C:\Users\robin\Desktop\Firefox.exe
2026-04-05 11:34 - 2025-01-17 17:25 - 000000000 ____D C:\Users\Rob
2026-04-05 11:00 - 2024-12-08 09:53 - 000000000 ____D C:\ProgramData\Piriform
2026-03-31 20:46 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2026-03-31 20:42 - 2024-02-25 15:24 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2026-03-31 20:42 - 2024-02-25 09:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-03-24 17:41 - 2024-02-25 08:53 - 000000000 ____D C:\Users\robin\AppData\Local\NVIDIA Corporation
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2026
Ran by robin (21-04-2026 18:50:38)
Running from C:\Users\robin\Desktop
Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) (2025-01-18 07:19:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2287906516-366990468-377022076-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-2287906516-366990468-377022076-503 - Limited - Disabled)
Guest (S-1-5-21-2287906516-366990468-377022076-501 - Limited - Disabled)
Rob (S-1-5-21-2287906516-366990468-377022076-1010 - Limited - Enabled) => C:\Users\Rob
robin (S-1-5-21-2287906516-366990468-377022076-1003 - Administrators - Enabled) => C:\Users\robin
WDAGUtilityAccount (S-1-5-21-2287906516-366990468-377022076-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 26.00 (x64) (HKLM\...\7-Zip) (Version: 26.00 - Igor Pavlov)
Adobe Bridge 2026 (HKLM-x32\...\KBRG_16_0_3) (Version: 16.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.9.1.1 - Adobe Inc.)
Adobe Photoshop 2026 (HKLM-x32\...\PHSP_27_5) (Version: 27.5.0.13 - Adobe Inc.)
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.14.1.3286 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.14.1.3286 - Advanced Micro Devices, Inc.)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
Baldurs Gate 3 MULTi13 - ElAmigos version 5849914 (HKLM-x32\...\{11F1C23F-D931-4A8F-8E21-8119485681A9}_is1) (Version: 5849914 - Larian Studios)
CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Git (HKLM\...\Git_is1) (Version: 2.53.0.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 147.0.7727.102 - Google LLC)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 2.2.872704 - Logitech)
Logi Plugin Service (HKLM\...\{FB4DBF89-6BCB-485D-AFA7-6E298885E6A5}) (Version: 6.2.6.1611 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 147.0.3912.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.72 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2287906516-366990468-377022076-1010\...\OneDriveSetup.exe) (Version: 24.166.0818.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.4053 False (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.57102 False (HKLM\...\{f0cbd694-71ce-4391-9690-5da93b2f0445}) (Version: 8.0.57102 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.0 False (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148.0 False (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 False Eng (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 False Eng (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 False Eng (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 False Eng (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 False Eng (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 False Eng (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 False Eng (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 False Eng (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 False (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 False (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 False (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 False (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 False (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 False (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 False (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40649 False (HKLM-x32\...\{A8589745-51BC-3963-B4E9-201CF8693538}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 False (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 False (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40649 False (HKLM-x32\...\{DEA7F8E3-B7B9-3C3C-945B-7F8CE9041748}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 False (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{C931A1C6-A7BF-3737-874A-818881A37E1B}) (Version: 10.0.60915 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60910 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox) (Version: 149.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 140.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 149.0.1 (x64 cs)) (Version: 149.0.1 - Mozilla)
Node.js (HKLM\...\{1B257839-6CC3-4882-B2C2-E4C0E70B97EF}) (Version: 24.14.1 - Node.js Foundation)
NVIDIA App 11.0.6.383 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.6.383 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11821.36727370 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11821.36727370 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.5.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.7 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 591.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 591.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paradox Launcher v2 (HKLM\...\{8799CFDA-C94C-47A2-9EF0-170BC84F88C7}) (Version: 2.4.0 - Paradox Interactive)
PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 26.04.01.0 - Kakao Corp.)
Python 3.14.4 (64-bit) (HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\{21bd423a-1cbb-41b4-b464-5e7c059ec5a4}) (Version: 3.14.4150.0 - Python Software Foundation)
Python 3.14.4 Add to Path (64-bit) (HKLM\...\{8D190621-B91A-4664-8506-C21DEEF6690A}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Core Interpreter (64-bit) (HKLM\...\{C72ADAF1-CF64-4C34-9485-2EE63BF0EA8B}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Development Libraries (64-bit) (HKLM\...\{7C0B1F9F-EF7E-4CCF-BF13-84B2B9EC0272}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Documentation (64-bit) (HKLM\...\{A69DA17D-3DBA-4A57-B9AF-7ED9696E3EF6}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Executables (64-bit) (HKLM\...\{2269A76D-370C-462C-B5AB-56758AABB756}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 pip Bootstrap (64-bit) (HKLM\...\{E841439F-9F10-4B58-BA75-7B6A71565A28}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Standard Library (64-bit) (HKLM\...\{6C0E5B22-995D-4D14-94D2-9F556CF4812E}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Tcl/Tk Support (64-bit) (HKLM\...\{19AB4ED7-05CC-4497-9935-AF829093B5CE}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python 3.14.4 Test Suite (64-bit) (HKLM\...\{E67B3149-FEEE-4623-A24B-9C096A09D789}) (Version: 3.14.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{CF2C2B82-E540-4ACE-B007-DF0C216EFC40}) (Version: 3.14.4150.0 - Python Software Foundation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9618.1 - Realtek Semiconductor Corp.)
Shareaza 2.7.10.2 (HKLM\...\Shareaza_is1) (Version: 2.7.10.2 - Shareaza Development Team)
SumatraPDF (HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\SumatraPDF) (Version: 3.5.2 - Krzysztof Kowalczyk)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.04a - GOG.com)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_6_1) (Version: 1.6.1 - Adobe Inc.)
WinRAR 7.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.11.0 - win.rar GmbH)
XnConvert (x64) (HKLM\...\XnConvert (x64)_is1) (Version: 1.105.0.0 - Pierre-e Gougelet)
XnView 2.51.6 (HKLM-x32\...\XnView_is1) (Version: 2.51.6 - Gougelet Pierre-e)
Packages:
=========
Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2602.1.0_x64__8wekyb3d8bbwe [2026-02-03] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-11] (NVIDIA Corp.)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.806.2252.0_x64__8wekyb3d8bbwe [2026-04-02] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2025-07-21] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2287906516-366990468-377022076-1003_Classes\CLSID\{21CBAAF2-E3D4-455A-B4E6-223467B53D1A}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-2287906516-366990468-377022076-1003_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2287906516-366990468-377022076-1003_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\robin\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-2287906516-366990468-377022076-1003_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2287906516-366990468-377022076-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2026-02-12] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-04] (Adobe Inc. -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2026-02-12] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvAppDesktopContext] -> {F2E8B4A1-9C7D-4F6E-B3A5-8D2C1F4E9B7A} => C:\Program Files\NVIDIA Corporation\NVIDIA App\NvCpl\nvui.dll [2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc55ecfca814224\nvshext.dll [2026-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2026-02-12] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-12-04] (Adobe Inc. -> )
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\WINDOWS\system32\wdmaud2.drv [143360 2026-04-10] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [94720 2026-04-10] (Microsoft Windows -> Microsoft Corporation)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-11-03 09:23 - 2025-11-03 09:23 - 001368064 _____ () [File not signed] C:\Program Files\Logi\LogiPluginService\win\LogiEventTracingNativeLibrary.dll
2025-11-03 09:23 - 2025-11-03 09:23 - 000173568 _____ () [File not signed] C:\Program Files\Logi\LogiPluginService\win\LogiLocalConnectionNativeLibrary.dll
2026-04-05 11:04 - 2026-02-12 12:00 - 000101888 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-11-23 13:26 - 2026-03-01 11:08 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\robin\Downloads:Shareaza.GUID [16]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2026-04-16 19:30 - 000000735 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2287906516-366990468-377022076-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg
HKU\S-1-5-21-2287906516-366990468-377022076-1010\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "CzcScript"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{6219F238-14E3-4D2F-AFAA-79AB74138C7D}C:\hry\baldurs gate 3\bin\bg3.exe] => (Block) C:\hry\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{222B68AD-991F-4AE3-B878-25702F8FBDB3}C:\hry\baldurs gate 3\bin\bg3.exe] => (Block) C:\hry\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{3C5D80BD-74F9-48B9-BDB6-A82FE900CF36}C:\hry\phoenixpoint\phoenixpointwin64.exe] => (Block) C:\hry\phoenixpoint\phoenixpointwin64.exe (Snapshot Games Inc. -> )
FirewallRules: [TCP Query User{0C9B7B7C-D6AE-4F3F-AD96-76DACBB16765}C:\hry\phoenixpoint\phoenixpointwin64.exe] => (Block) C:\hry\phoenixpoint\phoenixpointwin64.exe (Snapshot Games Inc. -> )
FirewallRules: [{324404DA-ECFE-4594-9DB6-6180391BCAA3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{0CDD3622-18BD-439F-941A-0FBB1580B082}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [UDP Query User{47E8A489-1DA9-4983-A6B5-C7CCBA4C1B38}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5483232-0203-4AC8-AA71-1014C2CD6738}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
FirewallRules: [{818C3769-3F53-4196-9502-3F36031927CE}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
FirewallRules: [{1518EA64-605B-4A06-A75B-4E5FA81F386F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C9619A3-7BDD-4AA2-8EFF-CAD775ADB86B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9BEA8409-0BB7-4EFC-A663-5676548D3515}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{04237B67-4C0C-406B-8DDC-B97771CE5C53}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (Logitech Inc -> Logitech)
FirewallRules: [{0F7CE566-8D47-47F5-A95E-EAE32253AC4B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
31-03-2026 20:46:19 Instalační služba modulů systému Windows
09-04-2026 00:43:26 Naplánovaný kontrolní bod
10-04-2026 23:05:34 Instalační služba modulů systému Windows
11-04-2026 19:48:07 Installed Node.js
15-04-2026 15:36:40 Instalační služba modulů systému Windows
21-04-2026 15:29:34 NPE v6.6.0.2153
21-04-2026 16:04:47 NPE v6.6.0.2153
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/21/2026 04:18:23 PM) (Source: Application Error) (EventID: 1000) (User: PC)
Description: Název chybující aplikace: NPE.exe, verze: 6.6.0.2153, časové razítko: 0x62c73692
Název chybujícího modulu: NPE.exe, verze: 6.6.0.2153, časové razítko: 0x62c73692
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000002f13b5
ID chybujícího procesu: 0x23f4
Čas spuštění chybující aplikace: 0x1dcd198b53e15ca
Cesta k chybující aplikaci: C:\Users\robin\Desktop\NPE.exe
Cesta k chybujícímu modulu: C:\Users\robin\Desktop\NPE.exe
ID sestavy: 55a68268-acec-4710-a8f2-bf2a818d613a
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/21/2026 04:08:31 PM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (04/21/2026 04:04:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen..To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {56ee9605-91f5-4ca7-940d-cb10ed34833c}
Error: (04/21/2026 03:29:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen..To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {3d78941d-4351-4ee7-934f-ca235dc10b21}
Error: (04/20/2026 04:08:31 PM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (04/19/2026 04:08:30 PM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (04/18/2026 04:08:30 PM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
Error: (04/17/2026 04:08:30 PM) (Source: Firefox Default Browser Agent) (EventID: 1155) (User: )
Description: Event-ID 1155
System errors:
=============
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update Boot Manager (2023) with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update KEK 2023 with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update 3P UEFI CA 2023 (DB) with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update Option ROM CA 2023 (DB) with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update Windows UEFI CA 2023 (DB) with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/21/2026 04:15:53 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:F22b;OEMModelNumber:A620M GAMING X;OEMModelBaseBoard:A620M GAMING X;OEMModelSystemFamily:A620 MB;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: e27fc230be533f3a00800b0c01fa13da6d4b9840a09053ae8fff5f6a9a1134b8
BucketConfidenceLevel: High Confidence
UpdateType: Windows UEFI CA 2023 (DB), Option ROM CA 2023 (DB), 3P UEFI CA 2023 (DB), KEK 2023, Boot Manager (2023)
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.
Error: (04/21/2026 04:11:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.
Error: (04/21/2026 04:03:13 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update Boot Manager (2023) with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Windows Defender:
================
Date: 2026-04-21 01:06:46
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{FCF5A0EB-403E-4ACC-85EC-52F7723C26B5}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-04-19 20:06:40
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{7BB089B7-7B9A-4C64-81A5-0B20CA93DD35}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-04-18 18:15:20
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{89248BEB-6A55-4859-B4A4-B3704371DA6F}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъЅċћêďùℓêð šςāņ ẃάš ѕķįррέð ъέĉąύšě ŧħє ŀäѕŧ śџć¢éŝѕƒũℓ şčãň ώăѕ ωîŧћίŋ ŧĥë ŀāşτ 7 ðåýŝ
Date: 2026-04-16 18:51:21
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{52598CF7-E53B-405F-A665-1F9343F17FEF}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъŖΡĆ ćøñⁿēčŧϊσл ѓúπďôши
Date: 2026-04-16 16:12:08
Description:
Antivirová ochrana v programu Microsoft Defender ŝςал ĥäѕ ъέзй šŧŏφφзδ ъ℮ƒǿŕě ĉόmрℓ℮ţįσń.%η %τŚçāл İĐ:%в{1FC622A1-F82F-4FEA-8380-A6B43897CDC4}%ň %τŞĉąл Τўφέ:%ъAntimalwarový program%ή %ŧЅĉάп Рαґάмεťзřş:%вRychlé prohledávání%ņ %ťŲŝзґ:%ьNT AUTHORITY\SYSTEM%ň %тŜτόφ Ŗздšóñ:%ъŖΡĆ ćøñⁿēčŧϊσл ѓúπďôши
Event[0]
Date: 2026-02-28 20:33:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.445.290.0
Předchozí verze bezpečnostních informací: 1.445.280.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.26010.1
Předchozí verze modulu: 1.1.26010.1
Kód chyby: 0x8050a004
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2026-02-28 20:33:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.445.290.0
Předchozí verze bezpečnostních informací: 1.445.280.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.26010.1
Předchozí verze modulu: 1.1.26010.1
Kód chyby: 0x8050a004
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2025-07-20 17:14:46
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
CodeIntegrity:
===============
Date: 2025-07-20 17:14:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hidusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2025-07-20 17:14:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ks.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2025-07-20 17:14:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\portcls.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2025-07-20 17:14:01
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hdaudbus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. F22b 02/06/2024
Motherboard: Gigabyte Technology Co., Ltd. A620M GAMING X
Processor: AMD Ryzen 5 7600X 6-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 31893.9 MB
Available physical RAM: 25898.32 MB
Total Virtual: 33941.9 MB
Available Virtual: 27651.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:952.44 GB) (Free:522.51 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: () (Fixed) (Total:976.56 GB) (Free:183.36 GB) (Model: Samsung SSD 870 QVO 4TB) NTFS
Drive e: (filmy) (Fixed) (Total:2749.46 GB) (Free:358.48 GB) (Model: Samsung SSD 870 QVO 4TB) NTFS
\\?\Volume{c19c1102-c882-44c0-ad11-f56df7cbfa3c}\ () (Fixed) (Total:0.73 GB) (Free:0.05 GB) NTFS
\\?\Volume{90cba374-ae74-4937-8c1c-d913159142eb}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.57 GB) NTFS
\\?\Volume{7b948908-ac83-4b25-885c-bf73cd57240d}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: 83EB098B)
Partition: GPT.
==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: 83EB09B9)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nejde odstranit vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
nejde odstranit vir
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.
-
Rudy
- Site Admin
- Příspěvky: 119889
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: nejde odstranit vir
Zdravím!
Pokud máte na mysli, tento soubor: C:\WINDOWS\System32\drivers\BthA2dp.sys, půjde o nělakou haluz programu Norton power eraser. Toto je zcela regulérní ovladač bluetooth. Pokud ho vyhodíte, přestane bluetooth fungovat. Pokud je ovšem umístěn někde jinde ( v jiném adresáři), může jít o virus.
Pokud máte na mysli, tento soubor: C:\WINDOWS\System32\drivers\BthA2dp.sys, půjde o nělakou haluz programu Norton power eraser. Toto je zcela regulérní ovladač bluetooth. Pokud ho vyhodíte, přestane bluetooth fungovat. Pokud je ovšem umístěn někde jinde ( v jiném adresáři), může jít o virus.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: nejde odstranit vir
Buď se NPE zbláznil, nebo mi v pc něco řádí. Když jsem jím dneska projel pc tak tam byly ty samé programy + ještě hromada dalších. Opravil je smazáním. Smartstich a sharezu jsem mezitím doinstaloval a teď je našel znovu + FRST.
- Snímek obrazovky 2026-04-21 201420.png (123.81 KiB) Zobrazeno 236 x
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.
-
Rudy
- Site Admin
- Příspěvky: 119889
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: nejde odstranit vir
Osobně program Norton power eraser nepoužívám . Používám takové, pomocí kterých tady čistíme PC i tady. Pro jistotu udělejte sken ADWC:
Rozhodně ale nebudu odstraňovat Bluetooth ovladač. To, co vypadlo z toho programu je podle mého naprostý nesmysl.Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: nejde odstranit vir
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-21-2026
# Duration: 00:00:00
# OS: Windows 11 (Build 26200.8246)
# Cleaned: 7
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKU\S-1-5-21-2287906516-366990468-377022076-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1422 octets] - [14/10/2025 20:21:09]
AdwCleaner[S01].txt - [1483 octets] - [18/10/2025 19:11:28]
AdwCleaner[C01].txt - [1673 octets] - [18/10/2025 19:12:58]
AdwCleaner[S02].txt - [1605 octets] - [22/11/2025 08:31:52]
AdwCleaner[S03].txt - [1666 octets] - [05/12/2025 15:12:34]
AdwCleaner[S04].txt - [1727 octets] - [24/12/2025 14:50:57]
AdwCleaner[S05].txt - [1788 octets] - [30/12/2025 22:47:21]
AdwCleaner[S06].txt - [1849 octets] - [10/01/2026 08:44:23]
AdwCleaner[S07].txt - [1910 octets] - [27/01/2026 22:20:53]
AdwCleaner[S08].txt - [1971 octets] - [19/02/2026 20:24:50]
AdwCleaner[S09].txt - [2032 octets] - [21/02/2026 15:29:06]
AdwCleaner[S10].txt - [2093 octets] - [25/02/2026 01:00:19]
AdwCleaner[S11].txt - [2154 octets] - [28/02/2026 14:30:08]
AdwCleaner[S12].txt - [2215 octets] - [01/03/2026 08:57:42]
AdwCleaner[S13].txt - [2276 octets] - [04/03/2026 19:53:38]
AdwCleaner[S14].txt - [2337 octets] - [14/03/2026 20:05:52]
AdwCleaner[S15].txt - [2398 octets] - [18/03/2026 00:16:19]
AdwCleaner[S16].txt - [2459 octets] - [22/03/2026 23:29:01]
AdwCleaner[S17].txt - [2520 octets] - [05/04/2026 11:35:03]
AdwCleaner[S18].txt - [2581 octets] - [11/04/2026 22:21:13]
AdwCleaner[S19].txt - [2642 octets] - [21/04/2026 15:21:16]
AdwCleaner[S20].txt - [3595 octets] - [21/04/2026 21:12:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C20].txt ##########
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-21-2026
# Duration: 00:00:00
# OS: Windows 11 (Build 26200.8246)
# Cleaned: 7
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Deleted HKU\S-1-5-21-2287906516-366990468-377022076-1010\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1422 octets] - [14/10/2025 20:21:09]
AdwCleaner[S01].txt - [1483 octets] - [18/10/2025 19:11:28]
AdwCleaner[C01].txt - [1673 octets] - [18/10/2025 19:12:58]
AdwCleaner[S02].txt - [1605 octets] - [22/11/2025 08:31:52]
AdwCleaner[S03].txt - [1666 octets] - [05/12/2025 15:12:34]
AdwCleaner[S04].txt - [1727 octets] - [24/12/2025 14:50:57]
AdwCleaner[S05].txt - [1788 octets] - [30/12/2025 22:47:21]
AdwCleaner[S06].txt - [1849 octets] - [10/01/2026 08:44:23]
AdwCleaner[S07].txt - [1910 octets] - [27/01/2026 22:20:53]
AdwCleaner[S08].txt - [1971 octets] - [19/02/2026 20:24:50]
AdwCleaner[S09].txt - [2032 octets] - [21/02/2026 15:29:06]
AdwCleaner[S10].txt - [2093 octets] - [25/02/2026 01:00:19]
AdwCleaner[S11].txt - [2154 octets] - [28/02/2026 14:30:08]
AdwCleaner[S12].txt - [2215 octets] - [01/03/2026 08:57:42]
AdwCleaner[S13].txt - [2276 octets] - [04/03/2026 19:53:38]
AdwCleaner[S14].txt - [2337 octets] - [14/03/2026 20:05:52]
AdwCleaner[S15].txt - [2398 octets] - [18/03/2026 00:16:19]
AdwCleaner[S16].txt - [2459 octets] - [22/03/2026 23:29:01]
AdwCleaner[S17].txt - [2520 octets] - [05/04/2026 11:35:03]
AdwCleaner[S18].txt - [2581 octets] - [11/04/2026 22:21:13]
AdwCleaner[S19].txt - [2642 octets] - [21/04/2026 15:21:16]
AdwCleaner[S20].txt - [3595 octets] - [21/04/2026 21:12:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C20].txt ##########
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.
-
Rudy
- Site Admin
- Příspěvky: 119889
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: nejde odstranit vir
Něco smazal, ale nemá to nic společného s těmi nálezy Norton power eraseru. Dočistíme přímo podle logu FRST. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\robin\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Start
CloseProcesses:
HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\Run: [AdobeBridge] => [X]
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\robin\Downloads:Shareaza.GUID [16]
irewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
FirewallRules: [{818C3769-3F53-4196-9502-3F36031927CE}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
EmptyTemp:
End
Uložte do C:\Users\robin\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: nejde odstranit vir
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-04-2026
Ran by robin (21-04-2026 22:36:34) Run:1
Running from C:\Users\robin\Desktop
Loaded Profiles: robin & Rob
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\Run: [AdobeBridge] => [X]
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\robin\Downloads:Shareaza.GUID [16]
irewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
FirewallRules: [{818C3769-3F53-4196-9502-3F36031927CE}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-2287906516-366990468-377022076-1003\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\Users\robin\Downloads => ":Shareaza.GUID" ADS could not remove.
irewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818C3769-3F53-4196-9502-3F36031927CE}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12828848 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 74643044 B
Edge => 72379023 B
Chrome => 16015264 B
Firefox => 1311084876 B
Opera => 0 B
Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 51462 B
robin => 248714291 B
Rob => 0 B
RecycleBin => 14856542347 B
EmptyTemp: => 15.5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-04-2026 22:38:26)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 22:38:26 ====
Ran by robin (21-04-2026 22:36:34) Run:1
Running from C:\Users\robin\Desktop
Loaded Profiles: robin & Rob
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2287906516-366990468-377022076-1003\...\Run: [AdobeBridge] => [X]
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\robin\Downloads:Shareaza.GUID [16]
irewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File
FirewallRules: [{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
FirewallRules: [{818C3769-3F53-4196-9502-3F36031927CE}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-2287906516-366990468-377022076-1003\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\Users\robin\Downloads => ":Shareaza.GUID" ADS could not remove.
irewallRules: [UDP Query User{0C2FFB3B-9AA1-42B5-AD83-A16E184826BE}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0C163D42-DB27-4F82-8EEA-8CFC4A378E36}C:\program files\shareaza\shareaza.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66C07F00-32D2-4A0E-B9BB-1361C5C46CB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818C3769-3F53-4196-9502-3F36031927CE}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12828848 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 74643044 B
Edge => 72379023 B
Chrome => 16015264 B
Firefox => 1311084876 B
Opera => 0 B
Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 51462 B
robin => 248714291 B
Rob => 0 B
RecycleBin => 14856542347 B
EmptyTemp: => 15.5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-04-2026 22:38:26)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 22:38:26 ====
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.
-
Rudy
- Site Admin
- Příspěvky: 119889
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: nejde odstranit vir
Vše bylo smazáno, logh je již OK. Doporučuji nepoužívat sw Norton power eraser. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: nejde odstranit vir
ok díky
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.
-
Rudy
- Site Admin
- Příspěvky: 119889
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: nejde odstranit vir
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?