Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 28 úno 2026 00:23

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#1 Příspěvek od Hejdys84 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119880
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#2 Příspěvek od Rudy »

Zdravím!.txt
Aby kontrola mohla být provedena kompletně, potřebuji vidět ještě lo Addition. Najdete ho na ploše v souboru addition txt. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 28 úno 2026 00:23

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#3 Příspěvek od Hejdys84 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119880
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#4 Příspěvek od Rudy »

Tak ještě jednou. Protože jste sem dal opět stejný log (FRST), zopakuji: Program FRST vytvoří 2 logy. 1. FRST (ten jste sem dal) a 2. Addition. Ten tu není a najdete ho v souboru addition.txt. Soubor otevřete a uděláte copy/paste tak, abyste přenesl text z toho sozuboru (addition.txt) sem do fóra. Pokud tu nebudu mít k dispozici oba logy, nelze nic řešit. Ještě jednou děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“