Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 28 úno 2026 00:23

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#1 Příspěvek od Hejdys84 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119892
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#2 Příspěvek od Rudy »

Zdravím!.txt
Aby kontrola mohla být provedena kompletně, potřebuji vidět ještě lo Addition. Najdete ho na ploše v souboru addition txt. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 28 úno 2026 00:23

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#3 Příspěvek od Hejdys84 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119892
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#4 Příspěvek od Rudy »

Tak ještě jednou. Protože jste sem dal opět stejný log (FRST), zopakuji: Program FRST vytvoří 2 logy. 1. FRST (ten jste sem dal) a 2. Addition. Ten tu není a najdete ho v souboru addition.txt. Soubor otevřete a uděláte copy/paste tak, abyste přenesl text z toho sozuboru (addition.txt) sem do fóra. Pokud tu nebudu mít k dispozici oba logy, nelze nic řešit. Ještě jednou děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 28 úno 2026 00:23

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#5 Příspěvek od Hejdys84 »

Dobry den. Zasilam obsah souboru addition.txt, ktery mam na plose hned vedle textoveho souboru FRST. Dekuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119892
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#6 Příspěvek od Rudy »

Nezasíláte. Tohle je opět FRST. Log adfdition má v úvodu asi toto:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2026
Ran by Admin (21-04-2026 16:40:06)
Running from D:\Aviry
Microsoft Windows 10 Home Version 22H2 19045.6466 (X64) (2020-11-05 22:16:13)
Boot Mode: Normal
a na konci toto:
==================== End of Addition.txt =======================
Bez kontroly obou logů není kontrola PC možná.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 28 úno 2026 00:23

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#7 Příspěvek od Hejdys84 »

Z nejakeho duvodu ma mam v obou textovych vystupech stejny obsah. Udelal jsem tedy scan znovu a pridavam addition.txt. Dekuji

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2026
Ran by hejda (27-04-2026 01:21:07)
Running from D:\Download
Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) (2025-03-13 00:47:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1589204013-1864288644-3288743639-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-1589204013-1864288644-3288743639-503 - Limited - Disabled)
Guest (S-1-5-21-1589204013-1864288644-3288743639-501 - Limited - Disabled)
hejda (S-1-5-21-1589204013-1864288644-3288743639-1001 - Administrators - Enabled) => C:\Users\hejda
WDAGUtilityAccount (S-1-5-21-1589204013-1864288644-3288743639-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.9.3 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{c3219916-0c5a-483c-8b38-bdd71cf96365}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.40.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{0ca47681-d391-4e38-9ba6-08f1610a6fa7}) (Version: 2.5.40.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{882FD779-4E7C-41FB-9608-37E1C446B688}) (Version: 5.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{59619f05-1630-4088-bdcb-20b479b719ed}) (Version: 5.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.44 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.1.1.5 - ASUSTeK Computer Inc.)
ASUS Hotplug Controller (HKLM\...\{167A9DAC-ED7E-42CC-9A58-9E7A0C24B91F}) (Version: 3.0.0 - ASUS)
ASUS Keyboard HAL (HKLM\...\{AF92E89C-547B-4043-9298-0BAABD1F70EA}) (Version: 1.2.55.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{6df9a8c3-1f55-4422-ac64-4cd95989a3cf}) (Version: 1.2.55.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM\...\{B10F0624-60C6-4527-9CD8-C677A7B3A545}) (Version: 1.2.0.84 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{7e046d7d-3f14-423f-b793-0cbc7def52ef}) (Version: 1.2.0.84 - ASUSTek COMPUTER INC.) Hidden
ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 2.10.0 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.47 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{89094680-522b-4a33-8ec5-c138926a56a5}) (Version: 3.07.47 - ASUSTeK Computer Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1995.6 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Copilot (HKLM-x32\...\Microsoft Copilot) (Version: 147.0.3912.84 - Microsoft Corporation)
Counter-strike 1.6 (HKLM-x32\...\Counter-strike 1.6) (Version: 1.6 - Valve (CSDOWNLOAD Original))
Desperados 3 (HKLM-x32\...\1914500649_is1) (Version: 1.7 - GOG.com)
Diablo II Resurrected (HKLM-x32\...\Diablo II Resurrected) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Docker Desktop (HKLM\...\Docker Desktop) (Version: 4.67.0 - Docker Inc.)
Documentation Manager (HKLM\...\{43F79AB0-9ECF-4039-9855-6E930B41A500}) (Version: 24.30.1.1 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.631.0.6144 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{a5316e04-4f57-44b2-bc29-c4e58fa0fea1}) (Version: 13.631.0.6144 - Electronic Arts)
FINAL FANTASY VII (HKLM-x32\...\1698970154_is1) (Version: 2.0 GOG v1 - GOG.com)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
GlideX Service Installer (HKLM\...\{A06BDD76-D95C-4AC7-A0DA-73971F366D9B}) (Version: 3.8.7.0 - ASUSTeK COMPUTER INC.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.96.26 - GOG.com)
Google Chrome (HKLM\...\{D1F54613-46F2-3FE4-8D92-B6DD479EE4DB}) (Version: 147.0.7727.103 - Google LLC)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\1207658787_is1) (Version: 4.0 (3.2) GOG 0.1 - GOG.com)
Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA + HD_is1) (Version: 1.7.3 - HotA Crew)
HoMM III Compatibility Database (HKLM\...\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb) (Version: - )
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001030-0240-1033-84C8-B8D95FA3C8C3}) (Version: 24.30.1.1 - Intel Corporation)
Intel® Software Installer (HKLM\...\{0C6E54F1-6FA0-407F-AB3F-D97A116078D3}) (Version: 24.30.1.1 - Intel Corporation) Hidden
Kraken Desktop (HKLM\...\{125AD0FF-9B9E-464A-9BEF-A9106DFB647C}) (Version: 1.13.2 - Payward Inc.)
Mafia II Definitive Edition (HKLM-x32\...\1449710114_is1) (Version: 1.0 - GOG.com)
Mafia: Definitive Edition (HKLM-x32\...\1993581340_is1) (Version: 1.0.3 GOG v2 - GOG.com)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.25 (x64) (HKLM\...\{55218133-14C8-4372-A748-614DE61D6AAA}) (Version: 64.100.48707 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.25 (x64) (HKLM\...\{D0E1D031-D6BB-43A5-BD42-175C0C4EE245}) (Version: 64.100.48707 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.25 (x64) (HKLM\...\{99B0C384-9362-4D4E-8DAF-23CA44E306E8}) (Version: 64.100.48707 - Microsoft Corporation) Hidden
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.19929.20090 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{1C8DB81C-4E6C-3E43-9DBC-D812F72172AA}) (Version: 147.0.3912.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\OneDriveSetup.exe) (Version: 26.055.0323.0004 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.19929.20090 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.25 (x64) (HKLM\...\{C5343D9A-9640-4351-90D2-F6CF157C208E}) (Version: 64.100.48707 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.25 (x64) (HKLM-x32\...\{64c75e04-ef03-4544-b153-24860eac8d23}) (Version: 8.0.25.35812 - Microsoft Corporation)
NVIDIA App 11.0.7.237 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.7.237 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.7.12227.37421622 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.7.12227.37421622 - NVIDIA Corporation)
NVIDIA Graphics Driver 596.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 596.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.5.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.7 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19929.20032 - Microsoft Corporation) Hidden
OneBrowser (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\OneBrowser) (Version: 137.0.7151.69 - OneBrowser) <==== ATTENTION
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.5.5-I602 amd64 (HKLM\...\{ECDEB23C-E72D-F54F-081D-D2180DBF1497}) (Version: 2.5.028 - OpenVPN, Inc.)
Pi Network 0.5.4 (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\375fce00-6280-59a8-8dfe-c557d5fd3e90) (Version: 0.5.4 - Socialchain Inc.)
Riot Client (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.7.0 - ASUSTek COMPUTER INC.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 106.1.0 (HKLM\...\SteelSeries GG) (Version: 106.1.0 - SteelSeries ApS)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
VALORANT (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Wand (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Wand) (Version: 12.10.1 - WeMod)
Wargaming.net Game Center (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Wargaming.net Game Center) (Version: 26.1.1.2050 - Wargaming.net)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1109 - McAfee, LLC)
Windows Subsystem for Linux (HKLM\...\{8705254B-3AE0-4CFA-93D5-F71DCDE9ED2B}) (Version: 2.6.1.0 - Microsoft Corporation) Hidden
World of Tanks EU (HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\2314027414) (Version: - Wargaming.net)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m [2025-08-19] (Advanced Micro Devices Inc.) [Startup Task]
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2025-08-20] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.4.12.0_x64__qmba6cd70vzyy [2026-04-05] (ASUSTeK COMPUTER INC.)
ASUS GlideX -> C:\Program Files\WindowsApps\B9ECED6F.Glidex_4.1.2.0_x64__qmba6cd70vzyy [2026-04-17] (ASUSTeK COMPUTER INC.)
ChatGPT -> C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2026.43.0_x64__2p2nqsd0c76g0 [2026-02-13] (OpenAI) [Startup Task]
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.19.0_x64__t5j2fzbtdg37r [2026-01-16] (DTS, Inc.)
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2026-04-22] ()
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-08-19] (Microsoft Corp.)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-04-22] ()
MobiDrive -> C:\Program Files\WindowsApps\MobiSystems.MobiDriveSync_4.2.63704.0_x64__bvgb55c3tfatp [2026-01-27] (MobiSystems) [Startup Task]
MobiOffice -> C:\Program Files\WindowsApps\MobiSystems.MobiOffice_11.40.15329.0_x64__bvgb55c3tfatp [2026-03-21] () [Startup Task]
MobiPDF - Edit, View, Fill, Sign & Convert PDFs -> C:\Program Files\WindowsApps\MobiSystems.MobiPdf_11.40.15329.0_x64__bvgb55c3tfatp [2026-03-21] () [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.64.0_x64__qmba6cd70vzyy [2026-04-05] (ASUSTeK COMPUTER INC.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-04-22] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.330.0_x64__dt26b99r8h8gj [2025-03-13] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0 [2026-04-26] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm [2026-04-14] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2025-03-13] (Microsoft Corp.)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.806.2252.0_x64__8wekyb3d8bbwe [2026-03-18] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1082.2259.0_x64__8wekyb3d8bbwe [2025-03-13] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2025-03-13] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2025-03-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1589204013-1864288644-3288743639-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1589204013-1864288644-3288743639-1001_Classes\CLSID\{545E2FA6-A703-4B18-BCBA-6722371B26DA} -> [Galaxy S25 Ultra] => C:\Users\hejda\CrossDevice\Galaxy S25 Ultra [2025-08-22 10:03]
CustomCLSID: HKU\S-1-5-21-1589204013-1864288644-3288743639-1001_Classes\CLSID\{6CC580B0-9BA7-4BE5-B9AB-D438D11CFCED} -> [MobiDrive] => D:\Documents\MobiDrive [2026-02-04 14:54]
CustomCLSID: HKU\S-1-5-21-1589204013-1864288644-3288743639-1001_Classes\CLSID\{92a10339-c580-dfd8-94c3-030311ba18f4}\localserver32 -> C:\ProgramData\ASUS\AsusSurvey\AsusSurvey.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
CustomCLSID: HKU\S-1-5-21-1589204013-1864288644-3288743639-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ContextMenuHandlers5: [NvAppDesktopContext] -> {F2E8B4A1-9C7D-4F6E-B3A5-8D2C1F4E9B7A} => C:\Program Files\NVIDIA Corporation\NVIDIA App\NvCpl\nvui.dll [2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\nvshext.dll [2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\wdmaud2.drv [143360 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [94720 2026-04-14] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\hejda\Desktop\Counter-strike 1.6 Original.lnk -> D:\Games\Counter-strike 1.6 Original\Counter-Strike.bat ()

==================== Loaded Modules (Whitelisted) =============

2025-03-13 01:21 - 2024-04-17 15:03 - 000443392 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2025-03-13 01:21 - 2024-04-17 15:04 - 000175616 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2025-03-13 01:21 - 2024-04-08 12:31 - 000159744 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2025-03-13 01:21 - 2024-04-08 12:31 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2024-05-26 10:19 - 2024-05-26 10:19 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2024-05-26 10:19 - 2024-05-26 10:19 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2026-04-12 02:57 - 2026-04-12 02:57 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\plugins\NVIDIA Overlay\MessageBusRouter.dll
2025-09-08 04:35 - 2026-04-12 02:57 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-04-22] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-04-01 08:26 - 2026-04-07 12:55 - 000001054 _____ C:\Windows\system32\drivers\etc\hosts
10.55.10.143 host.docker.internal
10.55.10.143 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal

2025-10-13 21:36 - 2026-04-11 22:44 - 000000434 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.22.96.1 Hejdys.mshome.net # 2031 4 4 10 21 44 39 808

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.50.1
Windows Firewall is enabled.

Network Binding:
=============
Local Area Connection: TAP-Windows Adapter V9 -> tap0901.sys
Bluetooth Network Connection 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
OpenVPN Wintun: Wintun Userspace Tunnel -> wintun.sys
WiFi 2: Intel(R) Wi-Fi 6E AX210 160MHz -> Netwtw14.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hejda\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\9498457197586439781\134216912965864733.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SteelSeriesGG"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\StartupApproved\Run: => "RiotClient"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7877DDAC-A98B-49AB-BA8E-67B50AB8EBD4}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{6A321DC3-BB69-481F-9B81-0AF0916DA6A1}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{07AB0667-96CA-4021-AF04-C56897D6E601}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{BB3235B9-88B2-498A-8AA8-721D1320F775}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{96B33890-3165-466B-9D6F-D29FF38C5DAF}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7CE20F88-112E-40EF-912F-426141421CDF}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{252745EB-817B-4FD8-A160-DA953FFCE44E}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{E6E3B5B4-CE96-4BCA-B567-822FE3EFBA45}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{D0CC5565-E3C4-4518-9DF9-83F3FE2319BD}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [TCP Query User{20B400F7-1217-47BA-8716-1B8272C016C6}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{E7009F3E-3EAA-43D1-B988-FE15608BCAD8}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{030EA5D9-2AE5-420D-BA82-F063CBFA1BD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{77574E1A-27EE-4799-BE6C-BD7ADB3013B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{71DA0D74-CC72-4BE4-8A3D-8F8AE39D6822}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{5FCD15FA-67C1-478D-AA50-8539D1986A58}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{19CEEDC3-7FA4-4784-8118-6B0E17A74FD3}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{AD4C37B9-CB6D-433D-AE43-D78D04D2ABA1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{EDB2B0D6-3D09-42DB-9380-187C1868CCAD}] => (Allow) D:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution Ltd -> OpenTTD Development Team)
FirewallRules: [{0089A2F8-7A0C-4BCD-8BBF-DF00DB669B94}] => (Allow) D:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution Ltd -> OpenTTD Development Team)
FirewallRules: [TCP Query User{85874381-EA21-4BA8-91F3-0F009D3CBC92}D:\games\diablo iv\diablo iv.exe] => (Allow) D:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{BB9945C9-B898-42ED-AE7C-972D9D905551}D:\games\diablo iv\diablo iv.exe] => (Allow) D:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{64B2869A-5786-45E9-A0C1-82C57AC83E31}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [{3BAE1ABE-0418-4229-BDC7-50A1BE57CDAF}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{7610F4BD-C4AE-4A4F-91A9-7A3F86D62B88}D:\games\starcraft\x86_64\starcraft.exe] => (Allow) D:\games\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{85E9337E-8FEA-40FF-8BFD-799790677E0F}D:\games\starcraft\x86_64\starcraft.exe] => (Allow) D:\games\starcraft\x86_64\starcraft.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{4607A939-F8BD-4702-832A-EF2931DD75A9}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E10DEFA4-5835-4CE1-9D52-DEF6C7123182}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{406B75ED-88BE-4788-99E6-88685412B6B0}] => (Allow) D:\SteamLibrary\steamapps\common\MTGA\MTGA.exe () [File not signed]
FirewallRules: [{66ADFD22-9719-4E12-824A-68BBB3D7F5D4}] => (Allow) D:\SteamLibrary\steamapps\common\MTGA\MTGA.exe () [File not signed]
FirewallRules: [TCP Query User{B2989826-12C9-49E2-9E57-F997A16B9210}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3A4CC814-F9BD-43AC-9443-D764D5BADD91}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{64AF8CB8-6A58-4865-AA17-4B1D8651CC21}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{EF3A10CD-78E8-4723-AB43-AB9B561CDD3A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5833E5FB-BD7E-41CC-873C-E0590FCE9B23}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{21F619D9-6989-4B7E-8A73-8F1C8D06AE10}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A14EEE7C-D48F-4B0B-8C8F-FE1C2922DC63}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A519E2A1-174A-4121-8571-A2FC30F16409}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{199D7C13-2E7B-41A2-AEF8-F2C1B59009A5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D56CD330-F46B-46AE-A158-324995891BFC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F26E121C-B051-48EE-9F17-9B3B2118CB78}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D1B6B7CE-BA18-46D4-A6F1-5F4C33B6EED1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BEEB9905-0323-4B51-91AD-C14C549752D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{061B8C01-64FE-4C27-B495-DC9F713C33BF}] => (Allow) D:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{DB5B45C7-ECBA-404A-9E01-48F3DA777ABC}] => (Allow) D:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{3F55BA54-4CCF-4613-90B5-AEA5AE261A06}] => (Allow) D:\SteamLibrary\steamapps\common\Heroes of Might & Magic Olden Era Demo\HeroesOE.exe () [File not signed]
FirewallRules: [{7A1CE8AF-CA39-4097-A7A0-23204642DD01}] => (Allow) D:\SteamLibrary\steamapps\common\Heroes of Might & Magic Olden Era Demo\HeroesOE.exe () [File not signed]
FirewallRules: [TCP Query User{244A2A3A-7396-4877-9D1A-38EE5A91EB5E}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [UDP Query User{6980A89D-029B-4936-AA9E-4E07D1DA3FE8}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [TCP Query User{742A78B5-6C96-4EBE-8073-7B6B129502FE}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [UDP Query User{1614ED3B-BD04-4527-8486-9F924425818B}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [TCP Query User{A4E7D63F-BC9A-4A91-8340-F4B18D11DA02}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0AEFC662-B3B2-40D0-A10C-95001FF13DFF}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [{3659A531-DAA4-46EC-AECD-36C5181AA432}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{69D8A08C-9C59-4237-AE55-547D83AFE464}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8A782C35-6DAA-486E-AB3E-56ABF296BD6A}] => (Allow) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2026.43.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{F57CDAC7-CF04-45FE-B598-2B9950A544FA}] => (Allow) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2026.43.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{3F488EAF-FB2E-411E-90B6-7C18A4BD182E}] => (Allow) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2026.43.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{0B66B9B4-2A90-413D-87C1-601DE5ACAB05}] => (Allow) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2026.43.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI)
FirewallRules: [{AF3BD263-486A-419E-BB13-1D37353F4012}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life Restored\restored.exe () [File not signed]
FirewallRules: [{A0A9B1D4-1646-4E97-992F-35DED80663D8}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life Restored\restored.exe () [File not signed]
FirewallRules: [{9591B720-0DFB-4190-BDF1-488216E1A2DB}] => (Allow) C:\Program Files\Docker\Docker\Docker Desktop.exe (Docker Inc -> Docker Inc.)
FirewallRules: [{91DF0AC1-0F18-4CDD-A15C-7C6159BDCCBC}] => (Allow) LPort=9308
FirewallRules: [TCP Query User{03A3ABC2-C7E3-4566-8118-424A4C7558E4}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
FirewallRules: [UDP Query User{0B9F62FD-7605-4786-9938-D51B7E0FF0D9}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
FirewallRules: [{6a4bff3e-63f9-4647-afe8-0c527edd6663}] => (Allow) LPort=31402
FirewallRules: [{066c4521-382a-4cae-afce-8213ffa8156d}] => (Allow) LPort=31401
FirewallRules: [TCP Query User{9D04C00B-E1CA-4BA2-8635-AE90EABDFF64}D:\games\diablo iv\diablo iv.exe] => (Allow) D:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F1DEB0B6-D68F-4E2D-BA03-97322D9BE7A8}D:\games\diablo iv\diablo iv.exe] => (Allow) D:\games\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C5D0C203-F7D4-4206-BD68-C380BAE551B7}] => (Allow) D:\SteamLibrary\steamapps\common\Apex Legends\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{0C30D7BC-B57C-4731-8BAD-D1343774040F}] => (Allow) D:\SteamLibrary\steamapps\common\Apex Legends\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{125013CC-B08A-4B8C-8EB0-918829CE1F26}D:\games\counter-strike 1.6 original\hl.exe] => (Allow) D:\games\counter-strike 1.6 original\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{9607230B-B026-4FC4-B59A-8E387C861132}D:\games\counter-strike 1.6 original\hl.exe] => (Allow) D:\games\counter-strike 1.6 original\hl.exe (Valve) [File not signed]
FirewallRules: [{353B94DA-D6C9-4C20-ABDC-B08ACAE6E1BC}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{E645E1EA-1F89-40C5-8083-C1EF6C26C011}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{FAFA712A-56BF-4FDC-B7E0-E936F1B24889}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [UDP Query User{00B31B47-B5A5-4539-94D1-810D70DF9FD2}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [TCP Query User{B088FCF3-4DE7-483E-B57A-600B6190E9DB}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C78D7C77-AA48-4E58-85A1-59E76EC405C4}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B5FA2A08-1810-4730-B668-EE89541C8A88}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9AC8DB14-DBEA-4973-BFF4-8756CDAC87EF}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{35F9E141-F2AA-4FFD-8E52-407F6113D803}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.64.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3982C485-6614-412A-A5A4-F0E462D0B31A}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.64.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{11521BAD-E650-4590-AAFF-28B1EDD868D4}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.64.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{434D015B-5B18-43A2-BE58-C62898313614}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.64.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{A53A8A3E-8A53-44E2-9625-EA27F2F554F9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{210C1C28-1763-4A59-9B8D-198F0F8ABA79}] => (Allow) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{060EE083-C3CE-4001-B393-4D2688C7CD36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CCD2F9C5-4DBE-41C7-861D-7E1D5107ADA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC55D2D1-FC2C-4C67-8E1A-B66476564BBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0B4AA6F3-6180-4073-B9D7-3BF28E333DEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BFECA844-E523-4028-99DE-D072CC0A11E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C39AD4B-A065-43ED-8E57-A10723D55332}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{826BEE53-BB1C-462D-8076-CB180026197D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6546160F-376D-480B-8FFC-9D55DBA5A299}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{607FEC38-90BA-48E9-BFE4-37A82BA3D31C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0FE8AD14-B00D-4A3A-9246-F9D91A182310}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6F5909A1-2524-475D-9964-B93DE527ACFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{86A7DE75-BDCB-453F-8880-99C4A513BF52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F8F57527-F310-4D4A-A0DD-6B83807C2EBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{4BFBDD18-C6B7-4A69-A412-FD2A10293A53}D:\games\starcraft ii\versions\base96883\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base96883\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{7C4BA9DB-D90F-43E8-9163-130A2D842C23}D:\games\starcraft ii\versions\base96883\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base96883\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{6B8019B9-A59B-46CF-B5D2-161DE1415C56}] => (Allow) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{88B80A95-47FD-4E44-B012-43437BDC9507}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{A2CDF4D0-441B-4660-B524-1EC4FDF72854}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{63BAF94E-ECC3-49E3-AF05-052DF8CBBD64}] => (Allow) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{2360406C-3BB8-4DBF-B854-65F24B63D35A}] => (Allow) C:\Program Files\ASUS\GlideX\GlideXService.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{A40F1891-FCF8-48AA-B467-5A88C2CFB86C}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{DA97C843-7533-4032-BB5B-7A43357E4CEB}D:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) D:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:447.58 GB) (Free:213.98 GB) (48%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/26/2026 10:50:23 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: vgm.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00007ff6396c7a16
Faulting process id: 0x7bc0
Faulting application start time: 0x1dcd5c6accef522
Faulting application path: C:\Program Files\Riot Vanguard\vgm.exe
Faulting module path: unknown
Report Id: bf7744da-8368-4c76-b6e8-e675877012e4
Faulting package full name:
Faulting package-relative application ID:

Error: (04/26/2026 10:50:21 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: vgm.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00007ff6396c7a16
Faulting process id: 0x7614
Faulting application start time: 0x1dcd5c6abeb909e
Faulting application path: C:\Program Files\Riot Vanguard\vgm.exe
Faulting module path: unknown
Report Id: 53e91024-bf5b-4cd1-abfd-e6257aaf6552
Faulting package full name:
Faulting package-relative application ID:

Error: (04/26/2026 10:50:21 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: vgm.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00007ff6396c7a16
Faulting process id: 0x81b4
Faulting application start time: 0x1dcd5c6ac3e19ec
Faulting application path: C:\Program Files\Riot Vanguard\vgm.exe
Faulting module path: unknown
Report Id: a5d67c14-0de2-425f-9c89-864a0023cbd1
Faulting package full name:
Faulting package-relative application ID:

Error: (04/26/2026 10:50:19 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: vgm.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00007ff6396c7a16
Faulting process id: 0x8444
Faulting application start time: 0x1dcd5c6ab873b8c
Faulting application path: C:\Program Files\Riot Vanguard\vgm.exe
Faulting module path: unknown
Report Id: 38df2343-94bd-46bc-8f4d-03d928096d70
Faulting package full name:
Faulting package-relative application ID:

Error: (04/26/2026 06:20:33 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: ROGLiveService.exe, version: 2.4.7.0, time stamp: 0x66417e04
Faulting module name: ROGLiveService.exe, version: 2.4.7.0, time stamp: 0x66417e04
Exception code: 0xc0000005
Fault offset: 0x00000000001896d8
Faulting process id: 0x1c24
Faulting application start time: 0x1dcd59f097bbf5d
Faulting application path: C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
Faulting module path: C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
Report Id: f2ea520d-cb8d-4d2d-93f5-bf60d34abf50
Faulting package full name:
Faulting package-relative application ID:

Error: (04/24/2026 12:49:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program XboxGameBarWidgets.exe version 2604.1001.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (04/24/2026 12:49:20 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program XboxGameBarSpotify.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (04/24/2026 12:49:20 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program EdgeGameAssist.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.


System errors:
=============
Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 10:50:20 PM) (Source: TPM) (EventID: 14) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/26/2026 06:26:06 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:FA506NC.308;OEMModelBaseBoard:FA506NC;OEMManufacturerName:ASUSTeK COMPUTER INC.;OSArchitecture:amd64;
BucketId: 023969b791ef4626fa6a492cdad583ffebb403b91978a8abfaaf032a7f73a02b
BucketConfidenceLevel: Under Observation - More Data Needed
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (04/26/2026 06:21:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bonjour Service service failed to start due to the following error:
The system cannot find the file specified.


Windows Defender:
================
Date: 2026-04-26 16:49:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2026-04-23 23:31:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2026-04-23 03:29:30
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2026-04-23 00:27:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

Date: 2026-04-20 22:45:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. FA506NC.308 01/08/2025
Motherboard: ASUSTeK COMPUTER INC. FA506NC
Processor: AMD Ryzen 5 7535HS with Radeon Graphics
Percentage of memory in use: 19%
Total physical RAM: 64840.25 MB
Available physical RAM: 51906.55 MB
Total Virtual: 68936.25 MB
Available Virtual: 52616.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:447.58 GB) (Free:213.97 GB) (Model: WD PC SN5000S SDEQNSJ-512G-1002) (Protected) NTFS
Drive d: (Samsung) (Fixed) (Total:3725.73 GB) (Free:3019.24 GB) (Model: Microsoft Storage Space Device) (Protected) NTFS

\\?\Volume{b4cad33f-6956-4e07-a765-6433638d4805}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.06 GB) NTFS
\\?\Volume{1e75c4b2-5ccb-42b2-a04b-d7f061dbf8f4}\ (RESTORE) (Fixed) (Total:28 GB) (Free:9.31 GB) NTFS
\\?\Volume{b5b6a590-29f2-475b-ae4b-49915211f235}\ (MYASUS) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
\\?\Volume{79ac1d17-d260-4c78-af89-fe3d612c135a}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 53E7ED41)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 3725.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119892
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#8 Příspěvek od Rudy »

Tak to vidím poprvé. Ať je to jak chce, otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FirewallRules: [{64B2869A-5786-45E9-A0C1-82C57AC83E31}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [{3BAE1ABE-0418-4229-BDC7-50A1BE57CDAF}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{742A78B5-6C96-4EBE-8073-7B6B129502FE}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [UDP Query User{1614ED3B-BD04-4527-8486-9F924425818B}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [TCP Query User{A4E7D63F-BC9A-4A91-8340-F4B18D11DA02}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0AEFC662-B3B2-40D0-A10C-95001FF13DFF}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [TCP Query User{03A3ABC2-C7E3-4566-8118-424A4C7558E4}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
FirewallRules: [UDP Query User{0B9F62FD-7605-4786-9938-D51B7E0FF0D9}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath
C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Hejdys84
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 28 úno 2026 00:23

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

#9 Příspěvek od Hejdys84 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2026
Ran by hejda (04-05-2026 22:45:17) Run:2
Running from C:\Users\hejda\Desktop
Loaded Profiles: hejda
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{64B2869A-5786-45E9-A0C1-82C57AC83E31}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [{3BAE1ABE-0418-4229-BDC7-50A1BE57CDAF}] => (Allow) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{742A78B5-6C96-4EBE-8073-7B6B129502FE}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [UDP Query User{1614ED3B-BD04-4527-8486-9F924425818B}D:\quake3.exe] => (Allow) D:\quake3.exe => No File
FirewallRules: [TCP Query User{A4E7D63F-BC9A-4A91-8340-F4B18D11DA02}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [UDP Query User{0AEFC662-B3B2-40D0-A10C-95001FF13DFF}D:\games\starcraft ii\versions\base95841\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base95841\sc2_x64.exe => No File
FirewallRules: [TCP Query User{03A3ABC2-C7E3-4566-8118-424A4C7558E4}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
FirewallRules: [UDP Query User{0B9F62FD-7605-4786-9938-D51B7E0FF0D9}D:\torguard\torguarddesktopqt.exe] => (Allow) D:\torguard\torguarddesktopqt.exe => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath
C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64B2869A-5786-45E9-A0C1-82C57AC83E31}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BAE1ABE-0418-4229-BDC7-50A1BE57CDAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{742A78B5-6C96-4EBE-8073-7B6B129502FE}D:\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1614ED3B-BD04-4527-8486-9F924425818B}D:\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A4E7D63F-BC9A-4A91-8340-F4B18D11DA02}D:\games\starcraft ii\versions\base95841\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AEFC662-B3B2-40D0-A10C-95001FF13DFF}D:\games\starcraft ii\versions\base95841\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03A3ABC2-C7E3-4566-8118-424A4C7558E4}D:\torguard\torguarddesktopqt.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B9F62FD-7605-4786-9938-D51B7E0FF0D9}D:\torguard\torguarddesktopqt.exe" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\aswBcc => removed successfully
aswBcc => service removed successfully
HKLM\System\CurrentControlSet\Services\Avast Business Console Client Antivirus Service => removed successfully
Avast Business Console Client Antivirus Service => service removed successfully
Could not move "C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49802746 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 412254310 B
Windows/system/drivers => 227829929 B
Edge => 103510213 B
Chrome => 1022560927 B
Firefox => 0 B
Opera => 0 B

Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 14252 B
systemprofile32 => 0 B
LocalService => 52772 B
NetworkService => 42246 B
hejda => 917476846 B

RecycleBin => 2567157 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-05-2026 22:46:45)

C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move

==== End of Fixlog 22:46:45 ====
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“