Zdravím,
moc prosím o preventivní kontrolu. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2025
Ran by Milan (administrator) on DESKTOP-4G0UFJU (Micro-Star International Co., Ltd. MS-7D25) (20-03-2025 22:02:19)
Running from C:\Users\Milan\Desktop\FRST64.exe
Loaded Profiles: Milan & _ashbackuppb_
Platform: Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\ProgramData\Kerish Products\Kerish Doctor\Database\KerishHardMon.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\oxHelper.exe <2>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe ->) (Duck Duck Go, Inc. -> Microsoft Corporation) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe <6>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Appwork GmbH -> AppWork GmbH) C:\Users\Milan\AppData\Local\JDownloader 2.0\JDownloader2.exe
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_c93fab790f948e12\WMIRegistrationService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (Michael Maltsev -> Ramen Software) C:\Program Files (x86)\Windhawk\windhawk.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <2>
(sihost.exe ->) (935AB26D-5E35-464D-9BB5-C3326ED6FB1E -> Comfort Software Group) C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w\FreeCountdownTimer.exe
(sihost.exe ->) (Duck Duck Go, Inc. -> DuckDuckGo) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe
(svchost.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] E:\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.8.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389976 2024-12-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe [975712 2024-12-16] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72088 2024-11-05] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [MG_EDO_P] => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgedo.exe [11593216 2024-03-22] (MSTech Global) [File not signed]
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [Spotify] => C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe [36280648 2025-02-02] (Spotify AB -> Spotify Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG7100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBR.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7100 series: C:\WINDOWS\system32\CNMLMBR.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {DD2C9C85-D197-41D8-ACF3-D2120E55CF81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {B6A53D88-C857-49D1-9139-B1122123B522} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2774080 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1CFA3EC5-2700-4AA4-A4BD-419ADCCC1468} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe [4557104 2025-01-12] (KERISH PRODUCTS LLP -> Kerish Products LLP)
Task: {029AFF26-E3A8-48CA-9282-08B91FD6AA18} - System32\Tasks\mazání souborů starších 30 dnů => C:\Users\Milan\Desktop\soubory 30.bat [84 2024-11-28] () [File not signed] <==== ATTENTION
Task: {797A8E7A-10FE-46F6-A06A-778DA2268ABA} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E71EB059-A18C-488D-8ED5-0D361B746458} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE648BB9-E2AB-4390-8B7C-C5FD034531A9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C49C6AC-C246-4795-B8E2-BC6A22D18BB3} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [67256 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {46F94318-FE4E-410A-8F04-FE2E13ACCC61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B41238-3DBC-4072-98DE-0300E3DEB1C9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C83769A-3FDA-4F95-B801-296E08B73029} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9036A44-69B1-47D4-B2BE-6494DE118B97} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [197256 2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {0BF745B9-75CE-44C0-80D4-104B6D7DFF6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {045B6427-6FB4-4AED-A927-C64F012FE7CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F77C9EFD-6772-4C4F-AA09-5C25515841FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5779A3BE-9F0C-4139-AF36-68E7310D7908} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EEC1DE73-E5CC-4592-834B-9C4B23EC4F86} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1330223131-1420727312-3009786275-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {294F20F7-C439-4DD4-83FA-ED441D36BF55} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {A5A18E3E-63CD-45D1-A610-C808D121F39B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {15259F53-4FAA-48C2-BAE5-B72300493EA9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {53320AF8-58B9-4156-A14A-927CFC7BB6F8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9C41BDD-7BA4-445F-8D49-A7B1D0B072DD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D18ACFA1-96F6-4A8F-9FA4-2241920F6315} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {931AB9D3-2C83-4088-95CD-7387C9F0FFE9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FBC6AB6-67BD-4897-9915-8D387AF27C5F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {85C99713-23D9-4FC2-AB88-9BA3717CA1D1} - System32\Tasks\Opera scheduled Autoupdate 1711231502 => C:\Users\Milan\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5645720 2025-02-28] (Opera Norway AS -> Opera Software)
Task: {5AAD39C0-559A-4962-A881-43A2DEBDAA7A} - System32\Tasks\Spuštění => C:\Program Files\Collectorz.com\Music Collector\MusicCollector.exe [87480440 2023-08-31] (Collectorz.com B.V. -> Collectorz.com)
Task: {7C62FF67-4EF5-49D1-BBC4-044CB9AB8C75} - System32\Tasks\Uninstaller_SkipUac_Milan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9914736 2024-05-07] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\IObit Uninstaller\\/UninstallExplorer
Task: {42ACA3F2-2882-447F-99CC-42D1D1655F8E} - System32\Tasks\WindhawkRunUITask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
Task: {8E5C5773-7151-415F-BDEF-3ED10E77F161} - System32\Tasks\WindhawkUpdateTask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.200.55.222 81.200.55.223
Tcpip\..\Interfaces\{e2a08bb4-c274-43c6-94a9-9f0ec9019c31}: [DhcpNameServer] 81.200.55.222 81.200.55.223
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-13]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF DefaultProfile: wzvvobbe.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361 [2025-03-20]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\danabok16@gmail.com.xpi [2025-03-11]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\imageye@marenauta.com.xpi [2024-05-09]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2025-03-07] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-05-09]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\playlist@yousub.info.xpi [2025-03-18]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\s3@translator.xpi [2025-03-04]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\session-sync@gabrielivanica.com.xpi [2024-05-09]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\uBlock0@raymondhill.net.xpi [2025-03-20]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\yourect@coderect.com.xpi [2025-02-06]
FF Extension: (No Name) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-03-18]
FF Extension: (Sticky Password - správce hesel) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2025-03-19]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\wzvvobbe.default [2024-05-06]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799 [2024-06-04]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\danabok16@gmail.com.xpi [2024-04-25]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\imageye@marenauta.com.xpi [2024-03-24]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-04-25]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\playlist@yousub.info.xpi [2024-05-05]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\s3@translator.xpi [2024-03-24]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\session-sync@gabrielivanica.com.xpi [2024-03-23]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\uBlock0@raymondhill.net.xpi [2024-04-11]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\yourect@coderect.com.xpi [2024-03-24]
FF Extension: (The floret blooms fully.01) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\{9560f976-3f23-46d9-b1d5-4ac6e384fdca}.xpi [2024-03-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe [40288 2024-12-16] (Ashampoo GmbH & Co. KG -> )
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2024-04-14] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768912 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2024-04-26] (IObit CO., LTD -> IObit)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [22217608 2025-03-04] (Logitech Inc -> Logitech, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windhawk; C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-03-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [526184 2021-01-19] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_d0d0d2073f0fc12f\e2f.sys [536160 2024-05-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90208 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [28240 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2024-04-26] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [36432 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [208456 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2025-03-20 22:02 - 000029572 _____ C:\Users\Milan\Desktop\FRST.txt
2025-03-20 22:01 - 2025-03-20 22:01 - 002404352 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2025-03-20 21:03 - 2025-03-20 21:03 - 000677108 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-20 21:03 - 2025-03-20 21:03 - 000144960 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-20 17:31 - 2025-03-20 21:05 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-03-20 14:15 - 2025-03-20 14:15 - 000000000 ____D C:\Users\Milan\Desktop\ThReaQuee33
2025-03-20 14:14 - 2025-03-20 14:14 - 000000000 ____D C:\Users\Milan\Desktop\asicr161
2025-03-20 13:36 - 2025-03-20 14:28 - 000000000 ____D C:\Users\Milan\Desktop\Double Face Sitting
2025-03-19 23:04 - 2025-03-19 23:04 - 008523403 _____ C:\Users\Milan\Downloads\1790_20250319195502740100_prilohaMD12073_2025940_4.pdf
2025-03-19 15:04 - 2025-03-20 21:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-18 21:07 - 2025-03-18 21:07 - 001997267 _____ C:\Users\Milan\Downloads\document.pdf
2025-03-15 20:54 - 2025-03-15 20:54 - 000000000 ____D C:\Users\Milan\AppData\Local\Deployment
2025-03-15 15:31 - 2025-03-15 15:31 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-15 15:31 - 2025-03-15 15:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 19:51 - 2025-03-14 19:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-13 13:42 - 2025-03-13 13:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-13 13:42 - 2025-03-13 13:42 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-12 23:25 - 2025-03-12 23:25 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-12 20:28 - 2025-03-12 20:28 - 009538802 _____ C:\Users\Milan\Downloads\1790_20250312194202320100_prilohaMD13145_2025940_4.pdf
2025-03-12 18:18 - 2025-03-12 18:18 - 001455272 _____ C:\Users\Milan\Downloads\DIO_ulice_Dlouha_142.pdf
2025-03-12 09:06 - 2025-03-20 15:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-11 18:34 - 2025-03-11 18:34 - 000776506 _____ C:\Users\Milan\Documents\IMG_20250311_0002.pdf
2025-03-11 18:31 - 2025-03-11 18:31 - 000776471 _____ C:\Users\Milan\Documents\IMG_20250311_0001.pdf
2025-03-09 20:24 - 2025-03-09 20:26 - 001358084 _____ C:\Users\Milan\Documents\IMG_20250309_0001.pdf
2025-03-05 18:23 - 2025-03-05 18:23 - 000004266 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1711231502
2025-03-05 18:23 - 2025-03-05 18:23 - 000001390 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-03-05 09:05 - 2025-03-05 09:06 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-03-04 20:24 - 2025-03-04 20:24 - 000082902 _____ C:\Users\Milan\Desktop\Solen_med-200502-0009.pdf
2025-03-04 20:13 - 2025-03-04 20:13 - 000171867 _____ C:\Users\Milan\Desktop\Solen_med-201212-0006.pdf
2025-03-04 09:08 - 2025-03-12 17:28 - 000000000 ____D C:\WINDOWS\Minidump
2025-03-04 09:06 - 2025-03-20 21:05 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-03 17:36 - 2025-03-03 17:36 - 007149693 _____ C:\Users\Milan\Downloads\DIO_Tr._Osvobozeni.pdf
2025-03-03 17:36 - 2025-03-03 17:36 - 000235185 _____ C:\Users\Milan\Downloads\Opatreni_obecne_povahy.pdf
2025-02-28 23:11 - 2025-02-28 23:11 - 000000000 ____D C:\Users\Milan\Documents\Ashampoo Burning Studio 2024
2025-02-26 22:05 - 2025-02-26 22:05 - 000748326 _____ C:\Users\Milan\Downloads\MUP_obec_Solenice_MK.pdf
2025-02-24 11:21 - 2025-02-24 12:49 - 000000000 ____D C:\totalcmd
2025-02-23 20:19 - 2025-03-14 13:06 - 000000000 ____D C:\ProgramData\TEMP
2025-02-23 20:18 - 2025-03-14 13:06 - 000000000 ____D C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite6
2025-02-23 20:18 - 2025-02-23 20:20 - 000000000 ____D C:\Program Files (x86)\VideoReDoTVSuite6
2025-02-23 20:18 - 2025-02-23 20:19 - 000000000 ____D C:\Users\Milan\Documents\VideoReDo
2025-02-23 20:18 - 2025-02-23 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoReDo
2025-02-19 18:26 - 2025-03-20 20:25 - 000001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Thunderbird
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Thunderbird
2025-02-18 20:05 - 2025-02-18 20:05 - 000297542 _____ C:\Users\Milan\Downloads\DIO_Picin_silnice_III_11418_30km_hod_1.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2024-05-11 12:38 - 000000000 ____D C:\FRST
2025-03-20 21:53 - 2025-02-02 16:12 - 000000000 ____D C:\Users\Milan\AppData\Local\Spotify
2025-03-20 21:50 - 2024-02-26 18:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-20 21:48 - 2024-06-11 17:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\foobar2000-v2
2025-03-20 21:47 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-20 21:23 - 2025-01-29 21:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-20 21:23 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\D3DSCache
2025-03-20 21:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-20 21:10 - 2024-06-04 17:06 - 000000000 ____D C:\ProgramData\ProductData3
2025-03-20 21:06 - 2025-02-02 16:11 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Spotify
2025-03-20 21:06 - 2025-01-29 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-20 21:06 - 2024-06-16 19:14 - 000000000 ___HD C:\OneDriveTemp
2025-03-20 21:06 - 2024-05-09 20:02 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-20 21:06 - 2024-05-09 20:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-20 21:06 - 2024-04-28 17:16 - 000000000 ___RD C:\Users\Milan\Documents\My EDO Desktop
2025-03-20 21:06 - 2024-04-26 17:23 - 000000000 ____D C:\Users\Milan\AppData\Local\JDownloader 2.0
2025-03-20 21:06 - 2024-04-11 19:48 - 000000000 ____D C:\Users\Milan\Documents\Music Collector
2025-03-20 21:06 - 2023-02-18 10:15 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiOptionsPlus
2025-03-20 21:05 - 2025-01-29 21:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-20 21:05 - 2025-01-29 21:15 - 000001022 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-20 21:05 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-20 21:05 - 2024-03-17 20:47 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-20 21:05 - 2024-02-24 17:45 - 000000000 ____D C:\Users\Milan\Documents\Sticky Passwords
2025-03-20 21:05 - 2023-03-07 17:24 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiBolt
2025-03-20 21:05 - 2023-02-11 14:29 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-20 21:05 - 2023-02-09 18:21 - 000000000 ___RD C:\Users\Milan\OneDrive
2025-03-20 21:03 - 2025-01-29 21:17 - 001603798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-20 21:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-20 21:02 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo Backup PB
2025-03-20 21:01 - 2024-03-25 18:20 - 005661051 _____ C:\Users\Milan\Documents\youtube.xlsx
2025-03-20 21:01 - 2024-03-05 19:58 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Excel
2025-03-20 20:31 - 2024-06-04 17:21 - 000000000 ____D C:\Users\Milan\AppData\Roaming\XnViewMP
2025-03-20 14:00 - 2024-03-24 23:39 - 000000000 ____D C:\Users\Milan\Documents\WM & PT
2025-03-16 20:42 - 2025-02-09 11:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\LosslessCut
2025-03-16 19:10 - 2023-02-09 18:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-15 15:31 - 2025-02-06 20:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-15 15:31 - 2025-01-29 21:17 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-14 19:51 - 2024-06-16 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\Milan
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\_ashbackuppb_
2025-03-14 13:10 - 2025-01-29 21:12 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-13 22:53 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\Packages
2025-03-13 22:52 - 2024-03-24 11:35 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Word
2025-03-13 09:04 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-12 23:26 - 2025-01-29 21:13 - 000842944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-12 23:26 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-03-12 23:25 - 2025-01-29 21:09 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 23:25 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-11 21:50 - 2025-01-29 21:17 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-11 18:34 - 2024-12-07 12:36 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2025-03-09 00:10 - 2024-05-15 02:46 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2025-03-08 09:04 - 2025-01-29 21:17 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 09:04 - 2025-01-29 21:17 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-05 21:26 - 2023-02-09 18:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-05 09:06 - 2023-03-07 17:24 - 000000000 ____D C:\Program Files\Logi
2025-03-05 09:05 - 2023-02-18 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-03-01 09:46 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-28 23:09 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo
2025-02-28 12:33 - 2024-03-30 21:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2025-02-25 22:17 - 2025-02-09 11:48 - 000000000 ____D C:\Users\Milan\Desktop\Losslesscut
2025-02-25 22:07 - 2024-02-26 15:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\HTML Help
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\Program Files\XnViewMP
==================== Files in the root of some directories ========
2025-01-14 00:05 - 2025-01-14 00:05 - 000000218 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2024-07-05 22:06 - 2024-07-05 22:06 - 000007602 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Milan (20-03-2025 22:03:34)
Running from C:\Users\Milan\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) (2025-01-29 20:17:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1330223131-1420727312-3009786275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1330223131-1420727312-3009786275-503 - Limited - Disabled)
Guest (S-1-5-21-1330223131-1420727312-3009786275-501 - Limited - Disabled)
Milan (S-1-5-21-1330223131-1420727312-3009786275-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1330223131-1420727312-3009786275-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-1330223131-1420727312-3009786275-1004 - Administrator - Enabled) => C:\Users\_ashbackuppb_
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20432 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.95 - Hulubulu Software)
Ashampoo Backup Pro 25 (HKLM\...\{91B33C97-4DF6-313E-7BC4-BB89CF1606D7}_is1) (Version: 25.06 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2024 (HKLM-x32\...\{91B33C97-3112-6AB3-3983-6816FE1F1516}_is1) (Version: 1.25.0 - Ashampoo GmbH & Co. KG)
Attribute Changer 11.30c (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 11.30c - Romain Petges)
Audials Music SE 2025 (HKLM\...\{3FCE3BDD-BADA-4B75-8D0C-C59E4AE04206}) (Version: 25.0.64.0 - Audials AG)
Audials Radio SE 2025 (HKLM\...\{67D2EDE6-6FC5-4C28-BEC9-231ECD65F761}) (Version: 25.0.64.0 - Audials AG)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.01 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CrystalDiskInfo 9.5.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.5.0 - Crystal Dew World)
Deluge 2.1.1 (HKLM-x32\...\Deluge) (Version: - )
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EaseFab LosslessCopy (HKLM-x32\...\EaseFabLosslessCopy) (Version: 5.8.5 - EaseFab)
EaseFab Video Converter (HKLM-x32\...\EaseVideoConverter) (Version: 5.8.5 - EaseFab)
foobar2000 v2.1.5 (x64) (HKLM\...\foobar2000 (x64)) (Version: 2.1.5 - Peter Pawlowski)
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
Icaros (HKLM\...\Icaros_is1) (Version: 3.3.2.0 - Tabibito Technology)
IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.5.0.1 - IObit)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Kerish PC Doctor (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.95 - Kerish Products LLP)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: 3.4.3.146 - Crystal Rich Ltd)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.87.684086 - Logitech)
Logi Plugin Service (HKLM\...\{712A3B82-AEFE-406E-B0F3-38AFFCE2ACE9}) (Version: 6.0.5.21571 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MAGIX Cloud Import (HKLM\...\{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Movie Studio (Migrate Content) (HKLM\...\{44A9D239-E67A-4334-8580-EF70B1A03C1E}) (Version: 22.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Movie Studio (Templates and effects) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe) (Version: 1.0.0.0 - MAGIX Software GmbH)
Mahjong Carnival (HKLM-x32\...\Mahjong Carnival_is1) (Version: - ToomkyGames.com)
MakeMKV v1.17.6 (HKLM-x32\...\MakeMKV) (Version: v1.17.6 - GuinpinSoft inc)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MG Easy Desktop Organizer Basic (HKLM-x32\...\{5E38A89C-35BF-44D9-AED4-19FEBDDEDE30}) (Version: 5.8.5.3190 - MSTECH GLOBAL)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\eb27b72449f9557b) (Version: 17.1.1814.0 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
MKVToolNix 83.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 83.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.2 (x64 cs)) (Version: 136.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.7.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.8.1 (x64 cs)) (Version: 128.8.1 - Mozilla)
Mp3tag v3.25 (HKLM\...\Mp3tag) (Version: 3.25 - Florian Heidenreich)
Mp3tag v3.28 (HKLM-x32\...\Mp3tag) (Version: 3.28 - Florian Heidenreich)
Music Collector (HKLM\...\{8CDFF5D2-89BF-4391-9D20-7D95C88DC98C}_is1) (Version: - Collectorz.com)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Opera Stable 117.0.5408.53 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Opera 117.0.5408.53) (Version: 117.0.5408.53 - Opera Software)
Registrace uživatele zařízení Canon MG7100 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG7100 series) (Version: - Canon Inc.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Spotify (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Spotify) (Version: 1.2.56.502.ga68d2d4f - Spotify AB)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.6.1987 - Lamantine Software)
tinyMediaManager 5.0.13 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\{DA6AE47C-B91D-4C9D-A582-9B8DD433256C}_is1) (Version: 5.0.13 - Manuel Laggner)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
VideoReDo TVSuite Version 6.63.7.836 (HKLM-x32\...\VideoReDo6_is1) (Version: - DRD Systems, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Windhawk v1.5.1 (HKLM-x32\...\Windhawk) (Version: 1.5.1 - Ramen Software)
WinRAR 7.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.10.2 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.6.0 - Pierre-e Gougelet)
Packages:
=========
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94 [2025-03-19] (DuckDuckGo) [Startup Task]
Free Countdown Timer -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w [2025-02-11] (Comfort Software Group) [Startup Task]
Free Duplicate Finder - Videos and Photos -> C:\Program Files\WindowsApps\37309CoolLeGetInc.FreeDuplicateFinder-VideosandPho_2.0.9.0_x64__g0y9d13zmhd68 [2024-12-27] (CoolLeGet Inc)
Microsoft Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_4.0.10820.0_x64__yxz26nhyzhsrt [2025-03-07] (Microsoft Corp.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.14002.0_x64__8wekyb3d8bbwe [2025-03-20] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.12100.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Studios)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.282.0_x64__8wekyb3d8bbwe [2025-03-12] (Microsoft Corporation)
Mp3tag -> C:\Program Files (x86)\Mp3tag [2024-12-27] (Florian Heidenreich)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-29] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-03-15] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.52.354.0_x64__dt26b99r8h8gj [2025-01-31] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.424.1611.0_x64__8wekyb3d8bbwe [2025-03-19] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-12-07] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{04271989-C4D2-6060-A52B-D5AEB5C3D2F1} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Milan\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{E7D85F24-A5C2-4940-978E-9EB4AD1E8587}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnViewMP\XnViewShellExt64.dll [2024-11-25] (Pierre GOUGELET -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2024-10-15] (Romain Petges) [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-10-07 19:19 - 2024-07-26 12:17 - 002011648 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libc++.dll
2024-10-07 19:19 - 2024-07-26 12:17 - 000217600 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libunwind.dll
2024-12-08 20:24 - 2024-12-08 20:24 - 000173056 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-grouping_1.3.7_536176.dll
2024-12-08 20:16 - 2024-12-08 20:16 - 000234496 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-icon-size_1.2.16_723722.dll
2024-12-08 20:44 - 2024-12-08 20:44 - 000271872 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-labels_1.3.3_712919.dll
2025-03-20 21:06 - 2025-03-20 21:06 - 004193064 _____ () [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-Do9iQmsMdyfO\lib7-Zip-JBinding.dll
2024-05-06 20:54 - 2023-08-02 09:59 - 000594432 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2024-05-06 21:41 - 2013-02-19 15:37 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2024-05-06 21:41 - 2013-02-19 15:36 - 000307200 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2024-05-06 20:54 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2024-05-06 20:54 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2025-03-20 21:06 - 2025-03-20 21:06 - 000211456 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\jna\jna3645521907879055237.dll
2024-06-11 20:32 - 2014-11-29 21:55 - 000656896 _____ (Kim Jensen) [File not signed] C:\Program Files\Advanced Renamer\arencm64.dll
2024-06-16 18:06 - 2024-06-16 18:06 - 000126976 ____N (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2025-02-09 11:05 - 2024-10-15 18:00 - 000638976 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll
2025-01-20 23:51 - 2018-06-27 09:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\ash_libcurl.dll
2025-01-20 23:51 - 2024-12-12 11:38 - 000436736 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcurl.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 003469824 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcrypto-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000692224 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libssl-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000150528 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_net_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 002107392 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000168448 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_xml_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 001379328 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_adv_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 004959232 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_core_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000644608 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_html_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000108032 _____ (wxWidgets development team) [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_webview_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000764928 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_xrc_vc_ox.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2024-04-26] (IObit CO., LTD -> IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1330223131-1420727312-3009786275-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 81.200.55.222 - 81.200.55.223
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) Ethernet Controller (3) I225-V -> e2f.sys
Síťové připojení Bluetooth 4: Bluetooth Device (Personal Area Network) #4 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43888747-89E3-4805-9EFF-43B0E2AAB832}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{FB6423D3-FB0F-4E67-8133-56F1B6C06FE2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E68D1D24-E523-4761-B498-B4B3FDCF5E26}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{D97E2971-7A3C-4950-BE60-49B8689EF39B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{6DB8CF11-4DC1-43CF-93D9-A45306CC2E8B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{1CC9BD7D-BC94-4ACA-9753-A3BD617ECEB4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDE1F63A-D549-41A0-B356-10E589866DF7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8021A966-C408-45CE-9DB6-50FCD2EFC74B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1EEB9DB7-32CB-4988-9034-6C43CC797E52}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [TCP Query User{649DA3C0-FAFF-47AB-9D6B-7F54FFF390A3}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [{1F60E86A-69FF-43C2-9D43-32FD70A89BF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B187E00C-E90F-4B0E-9E51-D71D42A731FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{48DD536A-1A30-427F-9E3C-F4594B2DEA04}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{67BAB162-8430-4592-854D-69F44353C85D}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{DE8CD9A6-C4C6-413B-B61F-E0F481FEC025}] => (Allow) C:\Program Files\Audials\RadioEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{BB4EFBC5-7C55-4201-AB18-ED9D9BABFEC7}] => (Allow) LPort=12972
FirewallRules: [{A8A1C8B2-915B-4BE8-9FE8-FF2444C824DC}] => (Allow) LPort=14714
FirewallRules: [{5E2715C4-1531-4FB4-AA63-2BBC09E66C50}] => (Allow) LPort=31931
FirewallRules: [{4EEB0DC7-DBA5-4DC8-9D0E-3DF82F342E33}] => (Allow) C:\Program Files\Audials\MusicEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [TCP Query User{ADDB913D-C625-4518-AA18-9F86D454E9F7}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{808A79DF-1254-4EB2-8EF9-CCE1C1FF6F8E}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{79411591-30C8-4D35-9A80-AE525D493EB3}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3010F74-FB47-4676-AF58-71F48390EF84}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD77B8FC-8531-4F42-B90C-335C702F8449}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{CC84519C-7713-4974-8582-68700A9F3A61}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B9F1CAE-64EE-49AF-A4FF-707960E90676}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97B7EA4A-385C-4119-928D-14196C41CFA7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B2F7382-C208-4E7B-B2BD-CAA4EC3BC4BD}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{DE6FD5C8-A6CD-41F4-8331-D710DAD189AC}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
==================== Restore Points =========================
18-03-2025 21:30:50 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/20/2025 09:05:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (03/20/2025 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.0.0.3 programu JDownloader2.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:11:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/14/2025 01:08:54 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 23.1.0.1 programu MusicCollector.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:07:48 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 83.0.0.0 programu mkvtoolnix-gui.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/12/2025 11:27:30 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
System errors:
=============
Error: (03/20/2025 10:02:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:57:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:52:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:47:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:42:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:36:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:31:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:26:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Windows Defender:
================
Date: 2025-03-20 00:04:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 21:45:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 09:15:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 21:57:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 00:29:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-03-20 21:06:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:06:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:05:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 09:14:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.20 02/24/2022
Motherboard: Micro-Star International Co., Ltd. PRO Z690-A DDR4(MS-7D25)
Processor: 12th Gen Intel(R) Core(TM) i5-12400F
Percentage of memory in use: 55%
Total physical RAM: 16243.87 MB
Available physical RAM: 7172.5 MB
Total Virtual: 28531.87 MB
Available Virtual: 15838.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.71 GB) (Free:766.92 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive e: (Data) (Fixed) (Total:1863 GB) (Free:1059.32 GB) (Model: KINGSTON SNV2S2000G) NTFS
Drive f: (Hudba) (Fixed) (Total:931.51 GB) (Free:267.13 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
Drive g: (HOPPY LABEL) (Fixed) (Total:596.17 GB) (Free:596.01 GB) (Model: WD 6400AAV External USB Device) NTFS
Drive i: (Záloha) (Fixed) (Total:3725.9 GB) (Free:3724.61 GB) (Model: CT4000P3 SSD8 SCSI Disk Device) NTFS
\\?\Volume{a98bb4c8-c399-44ed-8b5c-fcdafea5d897}\ () (Fixed) (Total:0.69 GB) (Free:0.15 GB) NTFS
\\?\Volume{9d60c426-e1a7-4ca9-90aa-37581c31cb96}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 456D789A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Size: 596.2 GB) (Disk ID: 060F38E2)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (Size: 3726 GB) (Disk ID: 88A4B328)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Milan (21-03-2025 11:31:36) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan & _ashbackuppb_
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => removed successfully
C:\OneDriveTemp => ":{44004F00-6900-6B00-4700-430062004400}" ADS removed successfully
C:\ProgramData\TEMP => ":0888F409" ADS removed successfully
C:\ProgramData\TEMP => ":3440EB47" ADS removed successfully
C:\ProgramData\TEMP => ":66633281" ADS removed successfully
C:\ProgramData\TEMP => ":93433455" ADS removed successfully
C:\ProgramData\TEMP => ":EFDFF94D" ADS removed successfully
C:\Users\Milan\Documents\Music Collector => ":{32007700-6C00-5A00-7800-670076006200}" ADS removed successfully
C:\Users\Milan\Documents\Music Collector => ":{44004F00-6900-6B00-4700-430062004400}" ADS removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 337153919 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7355097 B
Edge => 0 B
Firefox => 6232527683 B
Opera => 1416728 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 74 B
systemprofile32 => 74 B
LocalService => 4416 B
NetworkService => 59404 B
Milan => 710959919 B
_ashbackuppb_ => 710975916 B
RecycleBin => 1311541251 B
EmptyTemp: => 8.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-03-2025 11:34:59)
C:\DumpStack.log.tmp => Could not move
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 11:34:59 ====
Ran by Milan (21-03-2025 11:31:36) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan & _ashbackuppb_
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => removed successfully
C:\OneDriveTemp => ":{44004F00-6900-6B00-4700-430062004400}" ADS removed successfully
C:\ProgramData\TEMP => ":0888F409" ADS removed successfully
C:\ProgramData\TEMP => ":3440EB47" ADS removed successfully
C:\ProgramData\TEMP => ":66633281" ADS removed successfully
C:\ProgramData\TEMP => ":93433455" ADS removed successfully
C:\ProgramData\TEMP => ":EFDFF94D" ADS removed successfully
C:\Users\Milan\Documents\Music Collector => ":{32007700-6C00-5A00-7800-670076006200}" ADS removed successfully
C:\Users\Milan\Documents\Music Collector => ":{44004F00-6900-6B00-4700-430062004400}" ADS removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 337153919 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7355097 B
Edge => 0 B
Firefox => 6232527683 B
Opera => 1416728 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 74 B
systemprofile32 => 74 B
LocalService => 4416 B
NetworkService => 59404 B
Milan => 710959919 B
_ashbackuppb_ => 710975916 B
RecycleBin => 1311541251 B
EmptyTemp: => 8.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-03-2025 11:34:59)
C:\DumpStack.log.tmp => Could not move
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 11:34:59 ====
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?