Preventivní kontrola
Napsal: 20 bře 2025 22:10
Zdravím,
moc prosím o preventivní kontrolu. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2025
Ran by Milan (administrator) on DESKTOP-4G0UFJU (Micro-Star International Co., Ltd. MS-7D25) (20-03-2025 22:02:19)
Running from C:\Users\Milan\Desktop\FRST64.exe
Loaded Profiles: Milan & _ashbackuppb_
Platform: Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\ProgramData\Kerish Products\Kerish Doctor\Database\KerishHardMon.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\oxHelper.exe <2>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe ->) (Duck Duck Go, Inc. -> Microsoft Corporation) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe <6>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Appwork GmbH -> AppWork GmbH) C:\Users\Milan\AppData\Local\JDownloader 2.0\JDownloader2.exe
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_c93fab790f948e12\WMIRegistrationService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (Michael Maltsev -> Ramen Software) C:\Program Files (x86)\Windhawk\windhawk.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <2>
(sihost.exe ->) (935AB26D-5E35-464D-9BB5-C3326ED6FB1E -> Comfort Software Group) C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w\FreeCountdownTimer.exe
(sihost.exe ->) (Duck Duck Go, Inc. -> DuckDuckGo) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe
(svchost.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] E:\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.8.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389976 2024-12-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe [975712 2024-12-16] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72088 2024-11-05] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [MG_EDO_P] => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgedo.exe [11593216 2024-03-22] (MSTech Global) [File not signed]
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [Spotify] => C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe [36280648 2025-02-02] (Spotify AB -> Spotify Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG7100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBR.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7100 series: C:\WINDOWS\system32\CNMLMBR.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {DD2C9C85-D197-41D8-ACF3-D2120E55CF81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {B6A53D88-C857-49D1-9139-B1122123B522} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2774080 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1CFA3EC5-2700-4AA4-A4BD-419ADCCC1468} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe [4557104 2025-01-12] (KERISH PRODUCTS LLP -> Kerish Products LLP)
Task: {029AFF26-E3A8-48CA-9282-08B91FD6AA18} - System32\Tasks\mazání souborů starších 30 dnů => C:\Users\Milan\Desktop\soubory 30.bat [84 2024-11-28] () [File not signed] <==== ATTENTION
Task: {797A8E7A-10FE-46F6-A06A-778DA2268ABA} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E71EB059-A18C-488D-8ED5-0D361B746458} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE648BB9-E2AB-4390-8B7C-C5FD034531A9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C49C6AC-C246-4795-B8E2-BC6A22D18BB3} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [67256 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {46F94318-FE4E-410A-8F04-FE2E13ACCC61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B41238-3DBC-4072-98DE-0300E3DEB1C9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C83769A-3FDA-4F95-B801-296E08B73029} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9036A44-69B1-47D4-B2BE-6494DE118B97} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [197256 2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {0BF745B9-75CE-44C0-80D4-104B6D7DFF6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {045B6427-6FB4-4AED-A927-C64F012FE7CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F77C9EFD-6772-4C4F-AA09-5C25515841FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5779A3BE-9F0C-4139-AF36-68E7310D7908} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EEC1DE73-E5CC-4592-834B-9C4B23EC4F86} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1330223131-1420727312-3009786275-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {294F20F7-C439-4DD4-83FA-ED441D36BF55} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {A5A18E3E-63CD-45D1-A610-C808D121F39B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {15259F53-4FAA-48C2-BAE5-B72300493EA9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {53320AF8-58B9-4156-A14A-927CFC7BB6F8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9C41BDD-7BA4-445F-8D49-A7B1D0B072DD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D18ACFA1-96F6-4A8F-9FA4-2241920F6315} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {931AB9D3-2C83-4088-95CD-7387C9F0FFE9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FBC6AB6-67BD-4897-9915-8D387AF27C5F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {85C99713-23D9-4FC2-AB88-9BA3717CA1D1} - System32\Tasks\Opera scheduled Autoupdate 1711231502 => C:\Users\Milan\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5645720 2025-02-28] (Opera Norway AS -> Opera Software)
Task: {5AAD39C0-559A-4962-A881-43A2DEBDAA7A} - System32\Tasks\Spuštění => C:\Program Files\Collectorz.com\Music Collector\MusicCollector.exe [87480440 2023-08-31] (Collectorz.com B.V. -> Collectorz.com)
Task: {7C62FF67-4EF5-49D1-BBC4-044CB9AB8C75} - System32\Tasks\Uninstaller_SkipUac_Milan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9914736 2024-05-07] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\IObit Uninstaller\\/UninstallExplorer
Task: {42ACA3F2-2882-447F-99CC-42D1D1655F8E} - System32\Tasks\WindhawkRunUITask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
Task: {8E5C5773-7151-415F-BDEF-3ED10E77F161} - System32\Tasks\WindhawkUpdateTask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.200.55.222 81.200.55.223
Tcpip\..\Interfaces\{e2a08bb4-c274-43c6-94a9-9f0ec9019c31}: [DhcpNameServer] 81.200.55.222 81.200.55.223
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-13]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF DefaultProfile: wzvvobbe.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361 [2025-03-20]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\danabok16@gmail.com.xpi [2025-03-11]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\imageye@marenauta.com.xpi [2024-05-09]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2025-03-07] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-05-09]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\playlist@yousub.info.xpi [2025-03-18]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\s3@translator.xpi [2025-03-04]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\session-sync@gabrielivanica.com.xpi [2024-05-09]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\uBlock0@raymondhill.net.xpi [2025-03-20]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\yourect@coderect.com.xpi [2025-02-06]
FF Extension: (No Name) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-03-18]
FF Extension: (Sticky Password - správce hesel) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2025-03-19]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\wzvvobbe.default [2024-05-06]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799 [2024-06-04]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\danabok16@gmail.com.xpi [2024-04-25]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\imageye@marenauta.com.xpi [2024-03-24]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-04-25]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\playlist@yousub.info.xpi [2024-05-05]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\s3@translator.xpi [2024-03-24]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\session-sync@gabrielivanica.com.xpi [2024-03-23]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\uBlock0@raymondhill.net.xpi [2024-04-11]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\yourect@coderect.com.xpi [2024-03-24]
FF Extension: (The floret blooms fully.01) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\{9560f976-3f23-46d9-b1d5-4ac6e384fdca}.xpi [2024-03-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe [40288 2024-12-16] (Ashampoo GmbH & Co. KG -> )
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2024-04-14] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768912 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2024-04-26] (IObit CO., LTD -> IObit)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [22217608 2025-03-04] (Logitech Inc -> Logitech, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windhawk; C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-03-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [526184 2021-01-19] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_d0d0d2073f0fc12f\e2f.sys [536160 2024-05-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90208 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [28240 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2024-04-26] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [36432 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [208456 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2025-03-20 22:02 - 000029572 _____ C:\Users\Milan\Desktop\FRST.txt
2025-03-20 22:01 - 2025-03-20 22:01 - 002404352 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2025-03-20 21:03 - 2025-03-20 21:03 - 000677108 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-20 21:03 - 2025-03-20 21:03 - 000144960 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-20 17:31 - 2025-03-20 21:05 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-03-20 14:15 - 2025-03-20 14:15 - 000000000 ____D C:\Users\Milan\Desktop\ThReaQuee33
2025-03-20 14:14 - 2025-03-20 14:14 - 000000000 ____D C:\Users\Milan\Desktop\asicr161
2025-03-20 13:36 - 2025-03-20 14:28 - 000000000 ____D C:\Users\Milan\Desktop\Double Face Sitting
2025-03-19 23:04 - 2025-03-19 23:04 - 008523403 _____ C:\Users\Milan\Downloads\1790_20250319195502740100_prilohaMD12073_2025940_4.pdf
2025-03-19 15:04 - 2025-03-20 21:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-18 21:07 - 2025-03-18 21:07 - 001997267 _____ C:\Users\Milan\Downloads\document.pdf
2025-03-15 20:54 - 2025-03-15 20:54 - 000000000 ____D C:\Users\Milan\AppData\Local\Deployment
2025-03-15 15:31 - 2025-03-15 15:31 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-15 15:31 - 2025-03-15 15:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 19:51 - 2025-03-14 19:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-13 13:42 - 2025-03-13 13:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-13 13:42 - 2025-03-13 13:42 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-12 23:25 - 2025-03-12 23:25 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-12 20:28 - 2025-03-12 20:28 - 009538802 _____ C:\Users\Milan\Downloads\1790_20250312194202320100_prilohaMD13145_2025940_4.pdf
2025-03-12 18:18 - 2025-03-12 18:18 - 001455272 _____ C:\Users\Milan\Downloads\DIO_ulice_Dlouha_142.pdf
2025-03-12 09:06 - 2025-03-20 15:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-11 18:34 - 2025-03-11 18:34 - 000776506 _____ C:\Users\Milan\Documents\IMG_20250311_0002.pdf
2025-03-11 18:31 - 2025-03-11 18:31 - 000776471 _____ C:\Users\Milan\Documents\IMG_20250311_0001.pdf
2025-03-09 20:24 - 2025-03-09 20:26 - 001358084 _____ C:\Users\Milan\Documents\IMG_20250309_0001.pdf
2025-03-05 18:23 - 2025-03-05 18:23 - 000004266 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1711231502
2025-03-05 18:23 - 2025-03-05 18:23 - 000001390 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-03-05 09:05 - 2025-03-05 09:06 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-03-04 20:24 - 2025-03-04 20:24 - 000082902 _____ C:\Users\Milan\Desktop\Solen_med-200502-0009.pdf
2025-03-04 20:13 - 2025-03-04 20:13 - 000171867 _____ C:\Users\Milan\Desktop\Solen_med-201212-0006.pdf
2025-03-04 09:08 - 2025-03-12 17:28 - 000000000 ____D C:\WINDOWS\Minidump
2025-03-04 09:06 - 2025-03-20 21:05 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-03 17:36 - 2025-03-03 17:36 - 007149693 _____ C:\Users\Milan\Downloads\DIO_Tr._Osvobozeni.pdf
2025-03-03 17:36 - 2025-03-03 17:36 - 000235185 _____ C:\Users\Milan\Downloads\Opatreni_obecne_povahy.pdf
2025-02-28 23:11 - 2025-02-28 23:11 - 000000000 ____D C:\Users\Milan\Documents\Ashampoo Burning Studio 2024
2025-02-26 22:05 - 2025-02-26 22:05 - 000748326 _____ C:\Users\Milan\Downloads\MUP_obec_Solenice_MK.pdf
2025-02-24 11:21 - 2025-02-24 12:49 - 000000000 ____D C:\totalcmd
2025-02-23 20:19 - 2025-03-14 13:06 - 000000000 ____D C:\ProgramData\TEMP
2025-02-23 20:18 - 2025-03-14 13:06 - 000000000 ____D C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite6
2025-02-23 20:18 - 2025-02-23 20:20 - 000000000 ____D C:\Program Files (x86)\VideoReDoTVSuite6
2025-02-23 20:18 - 2025-02-23 20:19 - 000000000 ____D C:\Users\Milan\Documents\VideoReDo
2025-02-23 20:18 - 2025-02-23 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoReDo
2025-02-19 18:26 - 2025-03-20 20:25 - 000001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Thunderbird
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Thunderbird
2025-02-18 20:05 - 2025-02-18 20:05 - 000297542 _____ C:\Users\Milan\Downloads\DIO_Picin_silnice_III_11418_30km_hod_1.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2024-05-11 12:38 - 000000000 ____D C:\FRST
2025-03-20 21:53 - 2025-02-02 16:12 - 000000000 ____D C:\Users\Milan\AppData\Local\Spotify
2025-03-20 21:50 - 2024-02-26 18:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-20 21:48 - 2024-06-11 17:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\foobar2000-v2
2025-03-20 21:47 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-20 21:23 - 2025-01-29 21:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-20 21:23 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\D3DSCache
2025-03-20 21:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-20 21:10 - 2024-06-04 17:06 - 000000000 ____D C:\ProgramData\ProductData3
2025-03-20 21:06 - 2025-02-02 16:11 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Spotify
2025-03-20 21:06 - 2025-01-29 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-20 21:06 - 2024-06-16 19:14 - 000000000 ___HD C:\OneDriveTemp
2025-03-20 21:06 - 2024-05-09 20:02 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-20 21:06 - 2024-05-09 20:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-20 21:06 - 2024-04-28 17:16 - 000000000 ___RD C:\Users\Milan\Documents\My EDO Desktop
2025-03-20 21:06 - 2024-04-26 17:23 - 000000000 ____D C:\Users\Milan\AppData\Local\JDownloader 2.0
2025-03-20 21:06 - 2024-04-11 19:48 - 000000000 ____D C:\Users\Milan\Documents\Music Collector
2025-03-20 21:06 - 2023-02-18 10:15 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiOptionsPlus
2025-03-20 21:05 - 2025-01-29 21:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-20 21:05 - 2025-01-29 21:15 - 000001022 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-20 21:05 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-20 21:05 - 2024-03-17 20:47 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-20 21:05 - 2024-02-24 17:45 - 000000000 ____D C:\Users\Milan\Documents\Sticky Passwords
2025-03-20 21:05 - 2023-03-07 17:24 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiBolt
2025-03-20 21:05 - 2023-02-11 14:29 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-20 21:05 - 2023-02-09 18:21 - 000000000 ___RD C:\Users\Milan\OneDrive
2025-03-20 21:03 - 2025-01-29 21:17 - 001603798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-20 21:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-20 21:02 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo Backup PB
2025-03-20 21:01 - 2024-03-25 18:20 - 005661051 _____ C:\Users\Milan\Documents\youtube.xlsx
2025-03-20 21:01 - 2024-03-05 19:58 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Excel
2025-03-20 20:31 - 2024-06-04 17:21 - 000000000 ____D C:\Users\Milan\AppData\Roaming\XnViewMP
2025-03-20 14:00 - 2024-03-24 23:39 - 000000000 ____D C:\Users\Milan\Documents\WM & PT
2025-03-16 20:42 - 2025-02-09 11:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\LosslessCut
2025-03-16 19:10 - 2023-02-09 18:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-15 15:31 - 2025-02-06 20:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-15 15:31 - 2025-01-29 21:17 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-14 19:51 - 2024-06-16 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\Milan
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\_ashbackuppb_
2025-03-14 13:10 - 2025-01-29 21:12 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-13 22:53 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\Packages
2025-03-13 22:52 - 2024-03-24 11:35 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Word
2025-03-13 09:04 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-12 23:26 - 2025-01-29 21:13 - 000842944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-12 23:26 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-03-12 23:25 - 2025-01-29 21:09 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 23:25 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-11 21:50 - 2025-01-29 21:17 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-11 18:34 - 2024-12-07 12:36 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2025-03-09 00:10 - 2024-05-15 02:46 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2025-03-08 09:04 - 2025-01-29 21:17 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 09:04 - 2025-01-29 21:17 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-05 21:26 - 2023-02-09 18:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-05 09:06 - 2023-03-07 17:24 - 000000000 ____D C:\Program Files\Logi
2025-03-05 09:05 - 2023-02-18 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-03-01 09:46 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-28 23:09 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo
2025-02-28 12:33 - 2024-03-30 21:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2025-02-25 22:17 - 2025-02-09 11:48 - 000000000 ____D C:\Users\Milan\Desktop\Losslesscut
2025-02-25 22:07 - 2024-02-26 15:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\HTML Help
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\Program Files\XnViewMP
==================== Files in the root of some directories ========
2025-01-14 00:05 - 2025-01-14 00:05 - 000000218 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2024-07-05 22:06 - 2024-07-05 22:06 - 000007602 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Milan (20-03-2025 22:03:34)
Running from C:\Users\Milan\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) (2025-01-29 20:17:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1330223131-1420727312-3009786275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1330223131-1420727312-3009786275-503 - Limited - Disabled)
Guest (S-1-5-21-1330223131-1420727312-3009786275-501 - Limited - Disabled)
Milan (S-1-5-21-1330223131-1420727312-3009786275-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1330223131-1420727312-3009786275-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-1330223131-1420727312-3009786275-1004 - Administrator - Enabled) => C:\Users\_ashbackuppb_
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20432 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.95 - Hulubulu Software)
Ashampoo Backup Pro 25 (HKLM\...\{91B33C97-4DF6-313E-7BC4-BB89CF1606D7}_is1) (Version: 25.06 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2024 (HKLM-x32\...\{91B33C97-3112-6AB3-3983-6816FE1F1516}_is1) (Version: 1.25.0 - Ashampoo GmbH & Co. KG)
Attribute Changer 11.30c (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 11.30c - Romain Petges)
Audials Music SE 2025 (HKLM\...\{3FCE3BDD-BADA-4B75-8D0C-C59E4AE04206}) (Version: 25.0.64.0 - Audials AG)
Audials Radio SE 2025 (HKLM\...\{67D2EDE6-6FC5-4C28-BEC9-231ECD65F761}) (Version: 25.0.64.0 - Audials AG)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.01 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CrystalDiskInfo 9.5.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.5.0 - Crystal Dew World)
Deluge 2.1.1 (HKLM-x32\...\Deluge) (Version: - )
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EaseFab LosslessCopy (HKLM-x32\...\EaseFabLosslessCopy) (Version: 5.8.5 - EaseFab)
EaseFab Video Converter (HKLM-x32\...\EaseVideoConverter) (Version: 5.8.5 - EaseFab)
foobar2000 v2.1.5 (x64) (HKLM\...\foobar2000 (x64)) (Version: 2.1.5 - Peter Pawlowski)
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
Icaros (HKLM\...\Icaros_is1) (Version: 3.3.2.0 - Tabibito Technology)
IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.5.0.1 - IObit)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Kerish PC Doctor (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.95 - Kerish Products LLP)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: 3.4.3.146 - Crystal Rich Ltd)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.87.684086 - Logitech)
Logi Plugin Service (HKLM\...\{712A3B82-AEFE-406E-B0F3-38AFFCE2ACE9}) (Version: 6.0.5.21571 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MAGIX Cloud Import (HKLM\...\{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Movie Studio (Migrate Content) (HKLM\...\{44A9D239-E67A-4334-8580-EF70B1A03C1E}) (Version: 22.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Movie Studio (Templates and effects) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe) (Version: 1.0.0.0 - MAGIX Software GmbH)
Mahjong Carnival (HKLM-x32\...\Mahjong Carnival_is1) (Version: - ToomkyGames.com)
MakeMKV v1.17.6 (HKLM-x32\...\MakeMKV) (Version: v1.17.6 - GuinpinSoft inc)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MG Easy Desktop Organizer Basic (HKLM-x32\...\{5E38A89C-35BF-44D9-AED4-19FEBDDEDE30}) (Version: 5.8.5.3190 - MSTECH GLOBAL)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\eb27b72449f9557b) (Version: 17.1.1814.0 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
MKVToolNix 83.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 83.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.2 (x64 cs)) (Version: 136.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.7.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.8.1 (x64 cs)) (Version: 128.8.1 - Mozilla)
Mp3tag v3.25 (HKLM\...\Mp3tag) (Version: 3.25 - Florian Heidenreich)
Mp3tag v3.28 (HKLM-x32\...\Mp3tag) (Version: 3.28 - Florian Heidenreich)
Music Collector (HKLM\...\{8CDFF5D2-89BF-4391-9D20-7D95C88DC98C}_is1) (Version: - Collectorz.com)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Opera Stable 117.0.5408.53 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Opera 117.0.5408.53) (Version: 117.0.5408.53 - Opera Software)
Registrace uživatele zařízení Canon MG7100 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG7100 series) (Version: - Canon Inc.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Spotify (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Spotify) (Version: 1.2.56.502.ga68d2d4f - Spotify AB)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.6.1987 - Lamantine Software)
tinyMediaManager 5.0.13 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\{DA6AE47C-B91D-4C9D-A582-9B8DD433256C}_is1) (Version: 5.0.13 - Manuel Laggner)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
VideoReDo TVSuite Version 6.63.7.836 (HKLM-x32\...\VideoReDo6_is1) (Version: - DRD Systems, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Windhawk v1.5.1 (HKLM-x32\...\Windhawk) (Version: 1.5.1 - Ramen Software)
WinRAR 7.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.10.2 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.6.0 - Pierre-e Gougelet)
Packages:
=========
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94 [2025-03-19] (DuckDuckGo) [Startup Task]
Free Countdown Timer -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w [2025-02-11] (Comfort Software Group) [Startup Task]
Free Duplicate Finder - Videos and Photos -> C:\Program Files\WindowsApps\37309CoolLeGetInc.FreeDuplicateFinder-VideosandPho_2.0.9.0_x64__g0y9d13zmhd68 [2024-12-27] (CoolLeGet Inc)
Microsoft Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_4.0.10820.0_x64__yxz26nhyzhsrt [2025-03-07] (Microsoft Corp.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.14002.0_x64__8wekyb3d8bbwe [2025-03-20] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.12100.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Studios)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.282.0_x64__8wekyb3d8bbwe [2025-03-12] (Microsoft Corporation)
Mp3tag -> C:\Program Files (x86)\Mp3tag [2024-12-27] (Florian Heidenreich)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-29] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-03-15] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.52.354.0_x64__dt26b99r8h8gj [2025-01-31] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.424.1611.0_x64__8wekyb3d8bbwe [2025-03-19] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-12-07] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{04271989-C4D2-6060-A52B-D5AEB5C3D2F1} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Milan\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{E7D85F24-A5C2-4940-978E-9EB4AD1E8587}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnViewMP\XnViewShellExt64.dll [2024-11-25] (Pierre GOUGELET -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2024-10-15] (Romain Petges) [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-10-07 19:19 - 2024-07-26 12:17 - 002011648 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libc++.dll
2024-10-07 19:19 - 2024-07-26 12:17 - 000217600 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libunwind.dll
2024-12-08 20:24 - 2024-12-08 20:24 - 000173056 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-grouping_1.3.7_536176.dll
2024-12-08 20:16 - 2024-12-08 20:16 - 000234496 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-icon-size_1.2.16_723722.dll
2024-12-08 20:44 - 2024-12-08 20:44 - 000271872 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-labels_1.3.3_712919.dll
2025-03-20 21:06 - 2025-03-20 21:06 - 004193064 _____ () [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-Do9iQmsMdyfO\lib7-Zip-JBinding.dll
2024-05-06 20:54 - 2023-08-02 09:59 - 000594432 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2024-05-06 21:41 - 2013-02-19 15:37 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2024-05-06 21:41 - 2013-02-19 15:36 - 000307200 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2024-05-06 20:54 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2024-05-06 20:54 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2025-03-20 21:06 - 2025-03-20 21:06 - 000211456 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\jna\jna3645521907879055237.dll
2024-06-11 20:32 - 2014-11-29 21:55 - 000656896 _____ (Kim Jensen) [File not signed] C:\Program Files\Advanced Renamer\arencm64.dll
2024-06-16 18:06 - 2024-06-16 18:06 - 000126976 ____N (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2025-02-09 11:05 - 2024-10-15 18:00 - 000638976 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll
2025-01-20 23:51 - 2018-06-27 09:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\ash_libcurl.dll
2025-01-20 23:51 - 2024-12-12 11:38 - 000436736 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcurl.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 003469824 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcrypto-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000692224 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libssl-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000150528 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_net_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 002107392 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000168448 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_xml_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 001379328 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_adv_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 004959232 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_core_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000644608 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_html_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000108032 _____ (wxWidgets development team) [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_webview_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000764928 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_xrc_vc_ox.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2024-04-26] (IObit CO., LTD -> IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1330223131-1420727312-3009786275-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 81.200.55.222 - 81.200.55.223
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) Ethernet Controller (3) I225-V -> e2f.sys
Síťové připojení Bluetooth 4: Bluetooth Device (Personal Area Network) #4 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43888747-89E3-4805-9EFF-43B0E2AAB832}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{FB6423D3-FB0F-4E67-8133-56F1B6C06FE2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E68D1D24-E523-4761-B498-B4B3FDCF5E26}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{D97E2971-7A3C-4950-BE60-49B8689EF39B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{6DB8CF11-4DC1-43CF-93D9-A45306CC2E8B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{1CC9BD7D-BC94-4ACA-9753-A3BD617ECEB4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDE1F63A-D549-41A0-B356-10E589866DF7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8021A966-C408-45CE-9DB6-50FCD2EFC74B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1EEB9DB7-32CB-4988-9034-6C43CC797E52}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [TCP Query User{649DA3C0-FAFF-47AB-9D6B-7F54FFF390A3}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [{1F60E86A-69FF-43C2-9D43-32FD70A89BF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B187E00C-E90F-4B0E-9E51-D71D42A731FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{48DD536A-1A30-427F-9E3C-F4594B2DEA04}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{67BAB162-8430-4592-854D-69F44353C85D}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{DE8CD9A6-C4C6-413B-B61F-E0F481FEC025}] => (Allow) C:\Program Files\Audials\RadioEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{BB4EFBC5-7C55-4201-AB18-ED9D9BABFEC7}] => (Allow) LPort=12972
FirewallRules: [{A8A1C8B2-915B-4BE8-9FE8-FF2444C824DC}] => (Allow) LPort=14714
FirewallRules: [{5E2715C4-1531-4FB4-AA63-2BBC09E66C50}] => (Allow) LPort=31931
FirewallRules: [{4EEB0DC7-DBA5-4DC8-9D0E-3DF82F342E33}] => (Allow) C:\Program Files\Audials\MusicEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [TCP Query User{ADDB913D-C625-4518-AA18-9F86D454E9F7}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{808A79DF-1254-4EB2-8EF9-CCE1C1FF6F8E}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{79411591-30C8-4D35-9A80-AE525D493EB3}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3010F74-FB47-4676-AF58-71F48390EF84}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD77B8FC-8531-4F42-B90C-335C702F8449}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{CC84519C-7713-4974-8582-68700A9F3A61}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B9F1CAE-64EE-49AF-A4FF-707960E90676}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97B7EA4A-385C-4119-928D-14196C41CFA7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B2F7382-C208-4E7B-B2BD-CAA4EC3BC4BD}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{DE6FD5C8-A6CD-41F4-8331-D710DAD189AC}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
==================== Restore Points =========================
18-03-2025 21:30:50 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/20/2025 09:05:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (03/20/2025 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.0.0.3 programu JDownloader2.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:11:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/14/2025 01:08:54 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 23.1.0.1 programu MusicCollector.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:07:48 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 83.0.0.0 programu mkvtoolnix-gui.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/12/2025 11:27:30 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
System errors:
=============
Error: (03/20/2025 10:02:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:57:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:52:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:47:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:42:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:36:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:31:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:26:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Windows Defender:
================
Date: 2025-03-20 00:04:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 21:45:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 09:15:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 21:57:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 00:29:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-03-20 21:06:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:06:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:05:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 09:14:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.20 02/24/2022
Motherboard: Micro-Star International Co., Ltd. PRO Z690-A DDR4(MS-7D25)
Processor: 12th Gen Intel(R) Core(TM) i5-12400F
Percentage of memory in use: 55%
Total physical RAM: 16243.87 MB
Available physical RAM: 7172.5 MB
Total Virtual: 28531.87 MB
Available Virtual: 15838.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.71 GB) (Free:766.92 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive e: (Data) (Fixed) (Total:1863 GB) (Free:1059.32 GB) (Model: KINGSTON SNV2S2000G) NTFS
Drive f: (Hudba) (Fixed) (Total:931.51 GB) (Free:267.13 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
Drive g: (HOPPY LABEL) (Fixed) (Total:596.17 GB) (Free:596.01 GB) (Model: WD 6400AAV External USB Device) NTFS
Drive i: (Záloha) (Fixed) (Total:3725.9 GB) (Free:3724.61 GB) (Model: CT4000P3 SSD8 SCSI Disk Device) NTFS
\\?\Volume{a98bb4c8-c399-44ed-8b5c-fcdafea5d897}\ () (Fixed) (Total:0.69 GB) (Free:0.15 GB) NTFS
\\?\Volume{9d60c426-e1a7-4ca9-90aa-37581c31cb96}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 456D789A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Size: 596.2 GB) (Disk ID: 060F38E2)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (Size: 3726 GB) (Disk ID: 88A4B328)
Partition: GPT.
==================== End of Addition.txt =======================
moc prosím o preventivní kontrolu. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2025
Ran by Milan (administrator) on DESKTOP-4G0UFJU (Micro-Star International Co., Ltd. MS-7D25) (20-03-2025 22:02:19)
Running from C:\Users\Milan\Desktop\FRST64.exe
Loaded Profiles: Milan & _ashbackuppb_
Platform: Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\ProgramData\Kerish Products\Kerish Doctor\Database\KerishHardMon.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\oxHelper.exe <2>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe ->) (Duck Duck Go, Inc. -> Microsoft Corporation) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe <6>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Appwork GmbH -> AppWork GmbH) C:\Users\Milan\AppData\Local\JDownloader 2.0\JDownloader2.exe
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_c93fab790f948e12\WMIRegistrationService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (Michael Maltsev -> Ramen Software) C:\Program Files (x86)\Windhawk\windhawk.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <2>
(sihost.exe ->) (935AB26D-5E35-464D-9BB5-C3326ED6FB1E -> Comfort Software Group) C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w\FreeCountdownTimer.exe
(sihost.exe ->) (Duck Duck Go, Inc. -> DuckDuckGo) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\DuckDuckGo.exe
(svchost.exe ->) (KERISH PRODUCTS LLP -> Kerish Products LLP) C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] E:\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.8.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389976 2024-12-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupClient-abpb.exe [975712 2024-12-16] (Ashampoo GmbH & Co. KG -> )
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72088 2024-11-05] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [MG_EDO_P] => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgedo.exe [11593216 2024-03-22] (MSTech Global) [File not signed]
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Run: [Spotify] => C:\Users\Milan\AppData\Roaming\Spotify\Spotify.exe [36280648 2025-02-02] (Spotify AB -> Spotify Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG7100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBR.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7100 series: C:\WINDOWS\system32\CNMLMBR.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {DD2C9C85-D197-41D8-ACF3-D2120E55CF81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {B6A53D88-C857-49D1-9139-B1122123B522} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2774080 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {1CFA3EC5-2700-4AA4-A4BD-419ADCCC1468} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish PC Doctor\KerishDoctor.exe [4557104 2025-01-12] (KERISH PRODUCTS LLP -> Kerish Products LLP)
Task: {029AFF26-E3A8-48CA-9282-08B91FD6AA18} - System32\Tasks\mazání souborů starších 30 dnů => C:\Users\Milan\Desktop\soubory 30.bat [84 2024-11-28] () [File not signed] <==== ATTENTION
Task: {797A8E7A-10FE-46F6-A06A-778DA2268ABA} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E71EB059-A18C-488D-8ED5-0D361B746458} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE648BB9-E2AB-4390-8B7C-C5FD034531A9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C49C6AC-C246-4795-B8E2-BC6A22D18BB3} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [67256 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {46F94318-FE4E-410A-8F04-FE2E13ACCC61} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B41238-3DBC-4072-98DE-0300E3DEB1C9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C83769A-3FDA-4F95-B801-296E08B73029} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9036A44-69B1-47D4-B2BE-6494DE118B97} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [197256 2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {0BF745B9-75CE-44C0-80D4-104B6D7DFF6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {045B6427-6FB4-4AED-A927-C64F012FE7CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F77C9EFD-6772-4C4F-AA09-5C25515841FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5779A3BE-9F0C-4139-AF36-68E7310D7908} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EEC1DE73-E5CC-4592-834B-9C4B23EC4F86} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1330223131-1420727312-3009786275-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-19] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {294F20F7-C439-4DD4-83FA-ED441D36BF55} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {A5A18E3E-63CD-45D1-A610-C808D121F39B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {15259F53-4FAA-48C2-BAE5-B72300493EA9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {53320AF8-58B9-4156-A14A-927CFC7BB6F8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9C41BDD-7BA4-445F-8D49-A7B1D0B072DD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D18ACFA1-96F6-4A8F-9FA4-2241920F6315} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {931AB9D3-2C83-4088-95CD-7387C9F0FFE9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FBC6AB6-67BD-4897-9915-8D387AF27C5F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {85C99713-23D9-4FC2-AB88-9BA3717CA1D1} - System32\Tasks\Opera scheduled Autoupdate 1711231502 => C:\Users\Milan\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5645720 2025-02-28] (Opera Norway AS -> Opera Software)
Task: {5AAD39C0-559A-4962-A881-43A2DEBDAA7A} - System32\Tasks\Spuštění => C:\Program Files\Collectorz.com\Music Collector\MusicCollector.exe [87480440 2023-08-31] (Collectorz.com B.V. -> Collectorz.com)
Task: {7C62FF67-4EF5-49D1-BBC4-044CB9AB8C75} - System32\Tasks\Uninstaller_SkipUac_Milan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9914736 2024-05-07] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\IObit Uninstaller\\/UninstallExplorer
Task: {42ACA3F2-2882-447F-99CC-42D1D1655F8E} - System32\Tasks\WindhawkRunUITask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
Task: {8E5C5773-7151-415F-BDEF-3ED10E77F161} - System32\Tasks\WindhawkUpdateTask => C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.200.55.222 81.200.55.223
Tcpip\..\Interfaces\{e2a08bb4-c274-43c6-94a9-9f0ec9019c31}: [DhcpNameServer] 81.200.55.222 81.200.55.223
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-26]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-13]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF DefaultProfile: wzvvobbe.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361 [2025-03-20]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\danabok16@gmail.com.xpi [2025-03-11]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\imageye@marenauta.com.xpi [2024-05-09]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2025-03-07] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-05-09]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\playlist@yousub.info.xpi [2025-03-18]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\s3@translator.xpi [2025-03-04]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\session-sync@gabrielivanica.com.xpi [2024-05-09]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\uBlock0@raymondhill.net.xpi [2025-03-20]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\yourect@coderect.com.xpi [2025-02-06]
FF Extension: (No Name) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-03-18]
FF Extension: (Sticky Password - správce hesel) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\v4g1ojmf.Nepojmenovaný-1715281350361\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2025-03-19]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\wzvvobbe.default [2024-05-06]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799 [2024-06-04]
FF Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\danabok16@gmail.com.xpi [2024-04-25]
FF Extension: (Imageye - Image downloader) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\imageye@marenauta.com.xpi [2024-03-24]
FF Extension: (visitedlinkenabler) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\jid1-yDnsmkBoiRtgNA@jetpack.xpi [2024-04-25]
FF Extension: (PocketTube: Youtube PlayList Manager) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\playlist@yousub.info.xpi [2024-05-05]
FF Extension: (S3.Translator) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\s3@translator.xpi [2024-03-24]
FF Extension: (Session Sync) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\session-sync@gabrielivanica.com.xpi [2024-03-23]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\uBlock0@raymondhill.net.xpi [2024-04-11]
FF Extension: (Youtube Watchmarker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\yourect@coderect.com.xpi [2024-03-24]
FF Extension: (The floret blooms fully.01) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\rpd2vbfa.default-release-1711223784799\Extensions\{9560f976-3f23-46d9-b1d5-4ac6e384fdca}.xpi [2024-03-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\backupService-abpb.exe [40288 2024-12-16] (Ashampoo GmbH & Co. KG -> )
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2024-04-14] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768912 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2024-04-26] (IObit CO., LTD -> IObit)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [22217608 2025-03-04] (Logitech Inc -> Logitech, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windhawk; C:\Program Files (x86)\Windhawk\windhawk.exe [781688 2024-08-03] (Michael Maltsev -> Ramen Software)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-03-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 e2f68; C:\WINDOWS\System32\drivers\e2f68.sys [526184 2021-01-19] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_d0d0d2073f0fc12f\e2f.sys [536160 2024-05-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_8e2f374849f1eba9\gna.sys [90208 2024-11-15] (Intel Corporation -> Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [28240 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2024-04-26] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [36432 2024-04-26] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [208456 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2025-03-20 22:02 - 000029572 _____ C:\Users\Milan\Desktop\FRST.txt
2025-03-20 22:01 - 2025-03-20 22:01 - 002404352 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2025-03-20 21:03 - 2025-03-20 21:03 - 000677108 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-20 21:03 - 2025-03-20 21:03 - 000144960 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-20 17:31 - 2025-03-20 21:05 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-03-20 14:15 - 2025-03-20 14:15 - 000000000 ____D C:\Users\Milan\Desktop\ThReaQuee33
2025-03-20 14:14 - 2025-03-20 14:14 - 000000000 ____D C:\Users\Milan\Desktop\asicr161
2025-03-20 13:36 - 2025-03-20 14:28 - 000000000 ____D C:\Users\Milan\Desktop\Double Face Sitting
2025-03-19 23:04 - 2025-03-19 23:04 - 008523403 _____ C:\Users\Milan\Downloads\1790_20250319195502740100_prilohaMD12073_2025940_4.pdf
2025-03-19 15:04 - 2025-03-20 21:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-18 21:07 - 2025-03-18 21:07 - 001997267 _____ C:\Users\Milan\Downloads\document.pdf
2025-03-15 20:54 - 2025-03-15 20:54 - 000000000 ____D C:\Users\Milan\AppData\Local\Deployment
2025-03-15 15:31 - 2025-03-15 15:31 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-15 15:31 - 2025-03-15 15:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 19:51 - 2025-03-14 19:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-13 13:42 - 2025-03-13 13:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-13 13:42 - 2025-03-13 13:42 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-12 23:25 - 2025-03-12 23:25 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-12 20:28 - 2025-03-12 20:28 - 009538802 _____ C:\Users\Milan\Downloads\1790_20250312194202320100_prilohaMD13145_2025940_4.pdf
2025-03-12 18:18 - 2025-03-12 18:18 - 001455272 _____ C:\Users\Milan\Downloads\DIO_ulice_Dlouha_142.pdf
2025-03-12 09:06 - 2025-03-20 15:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-11 21:50 - 2025-03-11 21:50 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-11 18:34 - 2025-03-11 18:34 - 000776506 _____ C:\Users\Milan\Documents\IMG_20250311_0002.pdf
2025-03-11 18:31 - 2025-03-11 18:31 - 000776471 _____ C:\Users\Milan\Documents\IMG_20250311_0001.pdf
2025-03-09 20:24 - 2025-03-09 20:26 - 001358084 _____ C:\Users\Milan\Documents\IMG_20250309_0001.pdf
2025-03-05 18:23 - 2025-03-05 18:23 - 000004266 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1711231502
2025-03-05 18:23 - 2025-03-05 18:23 - 000001390 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-03-05 09:05 - 2025-03-05 09:06 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-03-04 20:24 - 2025-03-04 20:24 - 000082902 _____ C:\Users\Milan\Desktop\Solen_med-200502-0009.pdf
2025-03-04 20:13 - 2025-03-04 20:13 - 000171867 _____ C:\Users\Milan\Desktop\Solen_med-201212-0006.pdf
2025-03-04 09:08 - 2025-03-12 17:28 - 000000000 ____D C:\WINDOWS\Minidump
2025-03-04 09:06 - 2025-03-20 21:05 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-03 17:36 - 2025-03-03 17:36 - 007149693 _____ C:\Users\Milan\Downloads\DIO_Tr._Osvobozeni.pdf
2025-03-03 17:36 - 2025-03-03 17:36 - 000235185 _____ C:\Users\Milan\Downloads\Opatreni_obecne_povahy.pdf
2025-02-28 23:11 - 2025-02-28 23:11 - 000000000 ____D C:\Users\Milan\Documents\Ashampoo Burning Studio 2024
2025-02-26 22:05 - 2025-02-26 22:05 - 000748326 _____ C:\Users\Milan\Downloads\MUP_obec_Solenice_MK.pdf
2025-02-24 11:21 - 2025-02-24 12:49 - 000000000 ____D C:\totalcmd
2025-02-23 20:19 - 2025-03-14 13:06 - 000000000 ____D C:\ProgramData\TEMP
2025-02-23 20:18 - 2025-03-14 13:06 - 000000000 ____D C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite6
2025-02-23 20:18 - 2025-02-23 20:20 - 000000000 ____D C:\Program Files (x86)\VideoReDoTVSuite6
2025-02-23 20:18 - 2025-02-23 20:19 - 000000000 ____D C:\Users\Milan\Documents\VideoReDo
2025-02-23 20:18 - 2025-02-23 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoReDo
2025-02-19 18:26 - 2025-03-20 20:25 - 000001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Thunderbird
2025-02-19 18:26 - 2025-02-19 18:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Thunderbird
2025-02-18 20:05 - 2025-02-18 20:05 - 000297542 _____ C:\Users\Milan\Downloads\DIO_Picin_silnice_III_11418_30km_hod_1.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-20 22:02 - 2024-05-11 12:38 - 000000000 ____D C:\FRST
2025-03-20 21:53 - 2025-02-02 16:12 - 000000000 ____D C:\Users\Milan\AppData\Local\Spotify
2025-03-20 21:50 - 2024-02-26 18:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-20 21:48 - 2024-06-11 17:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\foobar2000-v2
2025-03-20 21:47 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-20 21:24 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-20 21:23 - 2025-01-29 21:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-20 21:23 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\D3DSCache
2025-03-20 21:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-20 21:10 - 2024-06-04 17:06 - 000000000 ____D C:\ProgramData\ProductData3
2025-03-20 21:06 - 2025-02-02 16:11 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Spotify
2025-03-20 21:06 - 2025-01-29 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-20 21:06 - 2024-06-16 19:14 - 000000000 ___HD C:\OneDriveTemp
2025-03-20 21:06 - 2024-05-09 20:02 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-20 21:06 - 2024-05-09 20:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-20 21:06 - 2024-04-28 17:16 - 000000000 ___RD C:\Users\Milan\Documents\My EDO Desktop
2025-03-20 21:06 - 2024-04-26 17:23 - 000000000 ____D C:\Users\Milan\AppData\Local\JDownloader 2.0
2025-03-20 21:06 - 2024-04-11 19:48 - 000000000 ____D C:\Users\Milan\Documents\Music Collector
2025-03-20 21:06 - 2023-02-18 10:15 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiOptionsPlus
2025-03-20 21:05 - 2025-01-29 21:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-20 21:05 - 2025-01-29 21:15 - 000001022 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-20 21:05 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-20 21:05 - 2024-03-17 20:47 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-20 21:05 - 2024-02-24 17:45 - 000000000 ____D C:\Users\Milan\Documents\Sticky Passwords
2025-03-20 21:05 - 2023-03-07 17:24 - 000000000 ____D C:\Users\Milan\AppData\Local\LogiBolt
2025-03-20 21:05 - 2023-02-11 14:29 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-20 21:05 - 2023-02-09 18:21 - 000000000 ___RD C:\Users\Milan\OneDrive
2025-03-20 21:03 - 2025-01-29 21:17 - 001603798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-20 21:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-20 21:02 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo Backup PB
2025-03-20 21:01 - 2024-03-25 18:20 - 005661051 _____ C:\Users\Milan\Documents\youtube.xlsx
2025-03-20 21:01 - 2024-03-05 19:58 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Excel
2025-03-20 20:31 - 2024-06-04 17:21 - 000000000 ____D C:\Users\Milan\AppData\Roaming\XnViewMP
2025-03-20 14:00 - 2024-03-24 23:39 - 000000000 ____D C:\Users\Milan\Documents\WM & PT
2025-03-16 20:42 - 2025-02-09 11:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\LosslessCut
2025-03-16 19:10 - 2023-02-09 18:15 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-15 15:31 - 2025-02-06 20:40 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1004
2025-03-15 15:31 - 2025-02-06 20:40 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-15 15:31 - 2025-01-29 21:17 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1330223131-1420727312-3009786275-1001
2025-03-14 19:51 - 2024-06-16 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\Milan
2025-03-14 13:11 - 2025-01-29 21:14 - 000000000 ____D C:\Users\_ashbackuppb_
2025-03-14 13:10 - 2025-01-29 21:12 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-13 22:53 - 2023-02-09 18:20 - 000000000 ____D C:\Users\Milan\AppData\Local\Packages
2025-03-13 22:52 - 2024-03-24 11:35 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Word
2025-03-13 09:04 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-12 23:26 - 2025-01-29 21:13 - 000842944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-12 23:26 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2025-03-12 23:25 - 2025-01-29 21:09 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-12 23:25 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-12 23:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 23:25 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-11 21:50 - 2025-01-29 21:17 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-11 18:34 - 2024-12-07 12:36 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2025-03-09 00:10 - 2024-05-15 02:46 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps
2025-03-08 09:04 - 2025-01-29 21:17 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 09:04 - 2025-01-29 21:17 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-05 21:26 - 2023-02-09 18:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-05 09:06 - 2023-03-07 17:24 - 000000000 ____D C:\Program Files\Logi
2025-03-05 09:05 - 2023-02-18 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-03-01 09:46 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-28 23:09 - 2024-03-24 20:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Ashampoo
2025-02-28 12:33 - 2024-03-30 21:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2025-02-25 22:17 - 2025-02-09 11:48 - 000000000 ____D C:\Users\Milan\Desktop\Losslesscut
2025-02-25 22:07 - 2024-02-26 15:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\HTML Help
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2025-02-25 18:46 - 2024-03-24 17:37 - 000000000 ____D C:\Program Files\XnViewMP
==================== Files in the root of some directories ========
2025-01-14 00:05 - 2025-01-14 00:05 - 000000218 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2024-07-05 22:06 - 2024-07-05 22:06 - 000007602 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Milan (20-03-2025 22:03:34)
Running from C:\Users\Milan\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3476 (X64) (2025-01-29 20:17:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1330223131-1420727312-3009786275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1330223131-1420727312-3009786275-503 - Limited - Disabled)
Guest (S-1-5-21-1330223131-1420727312-3009786275-501 - Limited - Disabled)
Milan (S-1-5-21-1330223131-1420727312-3009786275-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1330223131-1420727312-3009786275-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-1330223131-1420727312-3009786275-1004 - Administrator - Enabled) => C:\Users\_ashbackuppb_
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20432 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.95 - Hulubulu Software)
Ashampoo Backup Pro 25 (HKLM\...\{91B33C97-4DF6-313E-7BC4-BB89CF1606D7}_is1) (Version: 25.06 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2024 (HKLM-x32\...\{91B33C97-3112-6AB3-3983-6816FE1F1516}_is1) (Version: 1.25.0 - Ashampoo GmbH & Co. KG)
Attribute Changer 11.30c (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 11.30c - Romain Petges)
Audials Music SE 2025 (HKLM\...\{3FCE3BDD-BADA-4B75-8D0C-C59E4AE04206}) (Version: 25.0.64.0 - Audials AG)
Audials Radio SE 2025 (HKLM\...\{67D2EDE6-6FC5-4C28-BEC9-231ECD65F761}) (Version: 25.0.64.0 - Audials AG)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.01 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CrystalDiskInfo 9.5.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.5.0 - Crystal Dew World)
Deluge 2.1.1 (HKLM-x32\...\Deluge) (Version: - )
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EaseFab LosslessCopy (HKLM-x32\...\EaseFabLosslessCopy) (Version: 5.8.5 - EaseFab)
EaseFab Video Converter (HKLM-x32\...\EaseVideoConverter) (Version: 5.8.5 - EaseFab)
foobar2000 v2.1.5 (x64) (HKLM\...\foobar2000 (x64)) (Version: 2.1.5 - Peter Pawlowski)
HandBrake 1.7.3 (HKLM-x32\...\HandBrake) (Version: 1.7.3 - )
Icaros (HKLM\...\Icaros_is1) (Version: 3.3.2.0 - Tabibito Technology)
IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.5.0.1 - IObit)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Kerish PC Doctor (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.95 - Kerish Products LLP)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: 3.4.3.146 - Crystal Rich Ltd)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.87.684086 - Logitech)
Logi Plugin Service (HKLM\...\{712A3B82-AEFE-406E-B0F3-38AFFCE2ACE9}) (Version: 6.0.5.21571 - Logitech)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
MAGIX Cloud Import (HKLM\...\{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH) Hidden
MAGIX Cloud Import (HKLM\...\MX.{84D3CED2-2EDB-46D9-984D-F654750FBC15}) (Version: 0.1.0.5 - MAGIX Software GmbH)
MAGIX Movie Studio (Migrate Content) (HKLM\...\{44A9D239-E67A-4334-8580-EF70B1A03C1E}) (Version: 22.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Movie Studio (Templates and effects) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe) (Version: 1.0.0.0 - MAGIX Software GmbH)
Mahjong Carnival (HKLM-x32\...\Mahjong Carnival_is1) (Version: - ToomkyGames.com)
MakeMKV v1.17.6 (HKLM-x32\...\MakeMKV) (Version: v1.17.6 - GuinpinSoft inc)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MG Easy Desktop Organizer Basic (HKLM-x32\...\{5E38A89C-35BF-44D9-AED4-19FEBDDEDE30}) (Version: 5.8.5.3190 - MSTECH GLOBAL)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.18526.20168 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\eb27b72449f9557b) (Version: 17.1.1814.0 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
MKVToolNix 83.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 83.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0.2 (x64 cs)) (Version: 136.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.7.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.8.1 (x64 cs)) (Version: 128.8.1 - Mozilla)
Mp3tag v3.25 (HKLM\...\Mp3tag) (Version: 3.25 - Florian Heidenreich)
Mp3tag v3.28 (HKLM-x32\...\Mp3tag) (Version: 3.28 - Florian Heidenreich)
Music Collector (HKLM\...\{8CDFF5D2-89BF-4391-9D20-7D95C88DC98C}_is1) (Version: - Collectorz.com)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18526.20168 - Microsoft Corporation) Hidden
Opera Stable 117.0.5408.53 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Opera 117.0.5408.53) (Version: 117.0.5408.53 - Opera Software)
Registrace uživatele zařízení Canon MG7100 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG7100 series) (Version: - Canon Inc.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Spotify (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\Spotify) (Version: 1.2.56.502.ga68d2d4f - Spotify AB)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.6.1987 - Lamantine Software)
tinyMediaManager 5.0.13 (HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\...\{DA6AE47C-B91D-4C9D-A582-9B8DD433256C}_is1) (Version: 5.0.13 - Manuel Laggner)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
VideoReDo TVSuite Version 6.63.7.836 (HKLM-x32\...\VideoReDo6_is1) (Version: - DRD Systems, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Windhawk v1.5.1 (HKLM-x32\...\Windhawk) (Version: 1.5.1 - Ramen Software)
WinRAR 7.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.10.2 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.6.0 - Pierre-e Gougelet)
Packages:
=========
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94 [2025-03-19] (DuckDuckGo) [Startup Task]
Free Countdown Timer -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.619107C5A9A29_5.3.0.0_x64__2tsmkga83t66w [2025-02-11] (Comfort Software Group) [Startup Task]
Free Duplicate Finder - Videos and Photos -> C:\Program Files\WindowsApps\37309CoolLeGetInc.FreeDuplicateFinder-VideosandPho_2.0.9.0_x64__g0y9d13zmhd68 [2024-12-27] (CoolLeGet Inc)
Microsoft Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_4.0.10820.0_x64__yxz26nhyzhsrt [2025-03-07] (Microsoft Corp.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.14002.0_x64__8wekyb3d8bbwe [2025-03-20] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.6.12100.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Studios)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.282.0_x64__8wekyb3d8bbwe [2025-03-12] (Microsoft Corporation)
Mp3tag -> C:\Program Files (x86)\Mp3tag [2024-12-27] (Florian Heidenreich)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-29] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-03-15] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.52.354.0_x64__dt26b99r8h8gj [2025-01-31] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.424.1611.0_x64__8wekyb3d8bbwe [2025-03-19] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-12-07] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{04271989-C4D2-6060-A52B-D5AEB5C3D2F1} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Milan\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-1330223131-1420727312-3009786275-1001_Classes\CLSID\{E7D85F24-A5C2-4940-978E-9EB4AD1E8587}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers1: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnViewMP\XnViewShellExt64.dll [2024-11-25] (Pierre GOUGELET -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2024-10-15] (Romain Petges) [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [ARenGUID_ContextMenuEntry] -> {E30FF514-33BF-4C2F-A3BD-83C26DC7325C} => C:\Program Files\Advanced Renamer\arencm.dll [2014-04-04] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [ARenGUID_ContextMenuEntry64] -> {85EF5100-D10C-11E1-82EF-B60A140DCD93} => C:\Program Files\Advanced Renamer\arencm64.dll [2014-11-29] (Kim Jensen) [File not signed]
ContextMenuHandlers4: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [EdoShellEx] -> {106eb2af-e41c-3d77-8b72-618781a1a8e4} => C:\Program Files (x86)\MSTECH\MG Easy Desktop Organizer Basic\mgshellex.DLL [2024-03-22] (MSTech Global) [File not signed] [File is in use]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-10-07 19:19 - 2024-07-26 12:17 - 002011648 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libc++.dll
2024-10-07 19:19 - 2024-07-26 12:17 - 000217600 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\libunwind.dll
2024-12-08 20:24 - 2024-12-08 20:24 - 000173056 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-grouping_1.3.7_536176.dll
2024-12-08 20:16 - 2024-12-08 20:16 - 000234496 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-icon-size_1.2.16_723722.dll
2024-12-08 20:44 - 2024-12-08 20:44 - 000271872 _____ () [File not signed] C:\ProgramData\Windhawk\Engine\Mods\64\taskbar-labels_1.3.3_712919.dll
2025-03-20 21:06 - 2025-03-20 21:06 - 004193064 _____ () [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-Do9iQmsMdyfO\lib7-Zip-JBinding.dll
2024-05-06 20:54 - 2023-08-02 09:59 - 000594432 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2024-05-06 21:41 - 2013-02-19 15:37 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2024-05-06 21:41 - 2013-02-19 15:36 - 000307200 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2024-05-06 20:54 - 2017-07-05 12:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2024-05-06 20:54 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2025-03-20 21:06 - 2025-03-20 21:06 - 000211456 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Milan\AppData\Local\JDownloader 2.0\tmp\jna\jna3645521907879055237.dll
2024-06-11 20:32 - 2014-11-29 21:55 - 000656896 _____ (Kim Jensen) [File not signed] C:\Program Files\Advanced Renamer\arencm64.dll
2024-06-16 18:06 - 2024-06-16 18:06 - 000126976 ____N (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2025-02-09 11:05 - 2024-10-15 18:00 - 000638976 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll
2025-01-20 23:51 - 2018-06-27 09:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\ash_libcurl.dll
2025-01-20 23:51 - 2024-12-12 11:38 - 000436736 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcurl.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 003469824 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libcrypto-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000692224 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\libssl-1_1-x64.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000150528 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_net_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 002107392 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000168448 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxbase310u_xml_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 001379328 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_adv_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 004959232 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_core_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000644608 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_html_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000108032 _____ (wxWidgets development team) [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_webview_vc_ox.dll
2025-01-20 23:51 - 2024-12-12 10:49 - 000764928 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 25\bin\wxmsw310u_xrc_vc_ox.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\OneDriveTemp:{44004F00-6900-6B00-4700-430062004400} [1004]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [143]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [141]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [152]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [158]
AlternateDataStreams: C:\ProgramData\TEMP:EFDFF94D [346]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{32007700-6C00-5A00-7800-670076006200} [216]
AlternateDataStreams: C:\Users\Milan\Documents\Music Collector:{44004F00-6900-6B00-4700-430062004400} [1004]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2024-04-26] (IObit CO., LTD -> IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-03-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1330223131-1420727312-3009786275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1330223131-1420727312-3009786275-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 81.200.55.222 - 81.200.55.223
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) Ethernet Controller (3) I225-V -> e2f.sys
Síťové připojení Bluetooth 4: Bluetooth Device (Personal Area Network) #4 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43888747-89E3-4805-9EFF-43B0E2AAB832}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{FB6423D3-FB0F-4E67-8133-56F1B6C06FE2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E68D1D24-E523-4761-B498-B4B3FDCF5E26}] => (Allow) C:\Program Files\Common Files\MAGIX Services\MxCloudSync\MxCloudSync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{D97E2971-7A3C-4950-BE60-49B8689EF39B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{6DB8CF11-4DC1-43CF-93D9-A45306CC2E8B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{1CC9BD7D-BC94-4ACA-9753-A3BD617ECEB4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDE1F63A-D549-41A0-B356-10E589866DF7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8021A966-C408-45CE-9DB6-50FCD2EFC74B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1EEB9DB7-32CB-4988-9034-6C43CC797E52}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [TCP Query User{649DA3C0-FAFF-47AB-9D6B-7F54FFF390A3}C:\program files\deluge\deluge.exe] => (Allow) C:\program files\deluge\deluge.exe () [File not signed]
FirewallRules: [{1F60E86A-69FF-43C2-9D43-32FD70A89BF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B187E00C-E90F-4B0E-9E51-D71D42A731FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{48DD536A-1A30-427F-9E3C-F4594B2DEA04}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{67BAB162-8430-4592-854D-69F44353C85D}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{DE8CD9A6-C4C6-413B-B61F-E0F481FEC025}] => (Allow) C:\Program Files\Audials\RadioEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{BB4EFBC5-7C55-4201-AB18-ED9D9BABFEC7}] => (Allow) LPort=12972
FirewallRules: [{A8A1C8B2-915B-4BE8-9FE8-FF2444C824DC}] => (Allow) LPort=14714
FirewallRules: [{5E2715C4-1531-4FB4-AA63-2BBC09E66C50}] => (Allow) LPort=31931
FirewallRules: [{4EEB0DC7-DBA5-4DC8-9D0E-3DF82F342E33}] => (Allow) C:\Program Files\Audials\MusicEdition 2025\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [TCP Query User{ADDB913D-C625-4518-AA18-9F86D454E9F7}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{808A79DF-1254-4EB2-8EF9-CCE1C1FF6F8E}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{79411591-30C8-4D35-9A80-AE525D493EB3}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E3010F74-FB47-4676-AF58-71F48390EF84}C:\users\milan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\milan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD77B8FC-8531-4F42-B90C-335C702F8449}] => (Allow) C:\Program Files\Logi\LogiPluginService\LogiPluginService.exe (LoupeDeck Oy -> Logitech)
FirewallRules: [{CC84519C-7713-4974-8582-68700A9F3A61}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B9F1CAE-64EE-49AF-A4FF-707960E90676}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97B7EA4A-385C-4119-928D-14196C41CFA7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B2F7382-C208-4E7B-B2BD-CAA4EC3BC4BD}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{DE6FD5C8-A6CD-41F4-8331-D710DAD189AC}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
==================== Restore Points =========================
18-03-2025 21:30:50 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/20/2025 09:05:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (03/20/2025 09:03:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (03/20/2025 08:59:02 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 2.0.0.3 programu JDownloader2.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:11:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/14/2025 01:08:54 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 23.1.0.1 programu MusicCollector.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/14/2025 01:07:48 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 83.0.0.0 programu mkvtoolnix-gui.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (03/12/2025 11:27:30 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-4G0UFJU)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
System errors:
=============
Error: (03/20/2025 10:02:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:57:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:52:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:47:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:42:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:36:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:31:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Error: (03/20/2025 09:26:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.186.
Počítač s IP adresou 192.168.0.196 nepovolil získání názvu
tímto počítačem.
Windows Defender:
================
Date: 2025-03-20 00:04:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 21:45:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-18 09:15:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 21:57:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-03-16 00:29:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-03-20 21:06:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.104.4.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:06:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 21:05:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
Date: 2025-03-20 09:14:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Windhawk\Engine\1.5.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.20 02/24/2022
Motherboard: Micro-Star International Co., Ltd. PRO Z690-A DDR4(MS-7D25)
Processor: 12th Gen Intel(R) Core(TM) i5-12400F
Percentage of memory in use: 55%
Total physical RAM: 16243.87 MB
Available physical RAM: 7172.5 MB
Total Virtual: 28531.87 MB
Available Virtual: 15838.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.71 GB) (Free:766.92 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive e: (Data) (Fixed) (Total:1863 GB) (Free:1059.32 GB) (Model: KINGSTON SNV2S2000G) NTFS
Drive f: (Hudba) (Fixed) (Total:931.51 GB) (Free:267.13 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
Drive g: (HOPPY LABEL) (Fixed) (Total:596.17 GB) (Free:596.01 GB) (Model: WD 6400AAV External USB Device) NTFS
Drive i: (Záloha) (Fixed) (Total:3725.9 GB) (Free:3724.61 GB) (Model: CT4000P3 SSD8 SCSI Disk Device) NTFS
\\?\Volume{a98bb4c8-c399-44ed-8b5c-fcdafea5d897}\ () (Fixed) (Total:0.69 GB) (Free:0.15 GB) NTFS
\\?\Volume{9d60c426-e1a7-4ca9-90aa-37581c31cb96}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 456D789A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Size: 596.2 GB) (Disk ID: 060F38E2)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 4 (Size: 3726 GB) (Disk ID: 88A4B328)
Partition: GPT.
==================== End of Addition.txt =======================