Kontrola logu
Napsal: 24 říj 2025 19:51
Dobrý den,
prosím o kontrolu logu. Antivir zjistil škodlivé příkazové řádky a nemaže je.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2025
Ran by PF (administrator) on DESKTOP-KGQ0GUC (ASUS System Product Name) (24-10-2025 20:46:55)
Running from C:\Users\PF\Downloads\FRST64.exe
Loaded Profiles: PF
Platform: Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.14\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\seccenter.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atieclxx.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2508.29.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoNotificationUx.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <11>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe [1629080 2024-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088288 2025-09-17] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4699288 2025-10-03] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Discord] => C:\Users\PF\AppData\Local\Discord\Update.exe [1516408 2025-03-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [MicrosoftEdgeAutoLaunch_A0CD5F1BA373F03936A23064FB273571] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265032 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [29011792 2025-08-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-10-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.108\Installer\chrmstp.exe [2025-10-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {A982059A-23EA-438B-8B35-E1AF72E7BFDF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {83C6086D-0BAF-45AE-8084-67CD3B716C6F} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1779544 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBDEDDF0-37F4-4514-8302-A50AF150E83B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db003a215a1f47 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {57C1EDDD-FFEE-4BBE-811E-DF3360E7FCC3} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {BEC8A36D-84BF-47CC-B81B-4939753FDEAD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {EF4F0FB0-2BB5-447B-B69A-F409169A0072} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AE2DAFAF-A1A2-4781-8B4C-1EF8015EA871} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F252F138-C517-4574-8AB5-C40B31060CD6} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.14\WatchDog.exe [1168792 2025-06-04] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.14\repair
Task: {9247B0F5-05C3-4933-91FA-3337A2456AB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {29C88F84-B167-418C-8C8C-A1E4A8DE1499} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4ca89b58-38cb-4996-aff2-2424f292af4b" --version "6.38.0.11537" --silent
Task: {4365F1BE-A23F-43EF-ABC2-771EEB48C175} - System32\Tasks\CCleanerSkipUAC - PF => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {17DCEBD5-8C8C-42E2-9216-BE80F0EEB994} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31056 2025-08-08] (Garmin International, Inc. -> )
Task: {9BA43F69-2149-46E7-9B72-7CA15FDE0AAF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{80E59E05-AD5A-4717-9904-FF55D99A0921} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {ED75C8B0-0E09-4005-9929-FD16115A9E0D} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3323936 2025-08-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ACBE0E6-0F9D-4CEC-A040-ECECC8F4284C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001 => C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDriveLauncher.exe [725880 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2FF0B8B-C782-4A91-AD95-3C0176156139} - System32\Tasks\Opera scheduled assistant Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\PF\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-10-22]
Edge Extension: (Edge relevant text changes) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-06]
Chrome:
=======
CHR Profile: C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default [2025-10-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [404440 2025-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2025-10-24] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-09-07] (BattlEye Innovations e.K. -> )
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2024-09-06] (DTS, Inc. -> DTS Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9608720 2025-09-04] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-29] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [764808 2025-06-04] (Bitdefender SRL -> Bitdefender)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7682024 2025-01-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291288 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56504 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\amdkmdag.sys [100084632 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [8502336 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AtcExt; C:\WINDOWS\System32\drivers\AtcExt.sys [27192 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [1371176 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [53808 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-02-14] (Microsoft Corporation) [File not signed]
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1793112 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-09-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [244800 2025-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_8e61b4ea25373168\rt25cx21x64.sys [887776 2024-10-21] (Realtek Semiconductor Corp. -> Realtek)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [630312 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1445960 2025-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; \SystemRoot\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:46 - 2025-10-24 20:47 - 000028047 _____ C:\Users\PF\Downloads\FRST.txt
2025-10-24 20:46 - 2025-10-24 20:46 - 002443264 _____ (Farbar) C:\Users\PF\Downloads\FRST64.exe
2025-10-24 20:37 - 2025-10-24 20:38 - 000000000 ____D C:\Users\PF\AppData\LocalLow\IGDump
2025-10-23 19:11 - 2025-10-23 21:18 - 2700247067 _____ C:\Users\PF\Downloads\Yellowstone S02E05 HD CZ dabing.mkv
2025-10-18 20:34 - 2025-10-24 20:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-18 12:47 - 2025-10-18 12:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-15 20:31 - 2025-10-15 20:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276 (1).scs
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-10-14 19:16 - 2025-10-14 19:17 - 2726015168 _____ C:\Users\PF\Downloads\Yellowstone+S02E04+CZdab.mkv
2025-10-12 20:31 - 2025-10-12 20:31 - 109187637 _____ C:\Users\PF\Downloads\fhm4_17-18_logos.rar
2025-10-12 20:22 - 2025-10-12 20:22 - 000000223 _____ C:\Users\PF\Desktop\Franchise Hockey Manager 11.url
2025-10-12 20:21 - 2025-10-12 20:21 - 784144248 _____ C:\Users\PF\Downloads\Yellowstone+S02E03+-+Pach+zoufalství+(2019)+western+czdab.mkv
2025-10-11 13:32 - 2025-10-11 13:32 - 000000000 ____D C:\Users\PF\Downloads\promods-tgs-v141.7z
2025-10-11 10:55 - 2025-10-11 13:08 - 2789472069 _____ C:\Users\PF\Downloads\Yellowstone S02E02 CZ Dab.mkv
2025-10-09 17:55 - 2025-10-09 17:55 - 236385500 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.003
2025-10-09 17:45 - 2025-10-09 17:45 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.002
2025-10-09 17:25 - 2025-10-09 17:36 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.001
2025-10-09 17:07 - 2025-10-09 17:07 - 266339955 _____ C:\Users\PF\Downloads\promods-tcp-v156.7z
2025-10-09 16:59 - 2025-10-09 17:00 - 197232432 _____ C:\Users\PF\Downloads\promods-me-v276.7z
2025-10-09 16:50 - 2025-10-09 16:50 - 002340445 _____ C:\Users\PF\Downloads\promods-cap-v156.7z
2025-10-07 17:44 - 2025-10-07 17:44 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2017
2025-10-07 17:32 - 2025-10-07 17:32 - 005273389 _____ C:\Users\PF\Documents\ProCyclist_1.cdb
2025-10-07 17:21 - 2025-10-07 17:21 - 005272969 _____ C:\Users\PF\Documents\ProCyclist_2.cdb
2025-10-07 16:38 - 2025-10-07 17:26 - 000000000 ____D C:\Users\PF\AppData\Local\Deployment
2025-10-05 13:31 - 2025-10-05 13:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276.scs
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:47 - 2024-11-12 22:39 - 000000000 ____D C:\FRST
2025-10-24 20:45 - 2025-03-29 14:50 - 000000000 ____D C:\Users\PF\AppData\Local\Malwarebytes
2025-10-24 20:45 - 2024-09-07 13:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-10-24 20:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-24 20:40 - 2025-08-17 09:47 - 000000000 ____D C:\Users\PF\AppData\Roaming\utorrent
2025-10-24 20:40 - 2025-02-26 18:42 - 000000000 ____D C:\WINDOWS\Minidump
2025-10-24 20:40 - 2025-02-14 17:34 - 000000000 ___DC C:\WINDOWS\Panther
2025-10-24 20:40 - 2024-12-10 19:30 - 000000000 ____D C:\Users\PF\AppData\Local\CrashDumps
2025-10-24 20:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-10-24 20:39 - 2025-02-14 20:03 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-10-24 20:39 - 2024-09-07 14:27 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-10-24 20:39 - 2024-09-07 14:27 - 000000000 ____D C:\Program Files\CCleaner
2025-10-24 20:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-24 20:35 - 2025-02-14 20:02 - 000050808 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-10-24 20:35 - 2024-09-06 12:37 - 000000000 ____D C:\Users\PF\AppData\Roaming\asus_framework
2025-10-24 20:34 - 2025-02-14 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-24 20:34 - 2024-09-06 16:41 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000012288 ___SH C:\DumpStack.log.tmp
2025-10-24 20:34 - 2024-09-06 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2025-10-24 20:34 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-24 20:34 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-10-24 17:14 - 2025-04-27 13:26 - 000000000 ____D C:\Users\PF\AppData\Roaming\vlc
2025-10-24 11:24 - 2024-09-06 10:52 - 000000000 ____D C:\Program Files\ASUS
2025-10-24 10:22 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-23 20:18 - 2024-09-06 16:43 - 000000000 ____D C:\Users\PF\AppData\Local\D3DSCache
2025-10-22 17:26 - 2024-09-06 16:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-22 17:26 - 2024-09-06 16:41 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-22 17:24 - 2024-04-01 09:21 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2025-10-20 19:37 - 2025-02-18 17:03 - 000003558 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2024-09-06 16:45 - 000002370 _____ C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-18 20:32 - 2025-02-14 20:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-18 17:37 - 2025-03-16 12:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-18 17:37 - 2025-03-16 12:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-10-15 20:50 - 2025-02-14 20:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-10-15 20:50 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-10-15 20:48 - 2025-02-14 20:00 - 000324192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-15 20:48 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-15 20:48 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-15 20:48 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-10-15 20:47 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-10-15 20:30 - 2024-09-17 19:35 - 000000000 ____D C:\Users\PF\Documents\Euro Truck Simulator 2
2025-10-15 20:06 - 2024-09-06 11:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-15 20:05 - 2024-09-06 11:05 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-15 17:40 - 2025-02-14 20:03 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-13 20:39 - 2024-09-30 18:49 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2023
2025-10-12 20:22 - 2024-09-07 13:38 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-10-12 20:20 - 2025-02-14 20:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-12 20:20 - 2025-02-14 20:03 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-12 11:17 - 2025-02-14 18:05 - 000000000 ____D C:\Users\PF
2025-10-11 14:48 - 2024-09-07 16:56 - 000000000 ____D C:\Users\PF\Documents\American Truck Simulator
2025-10-10 21:32 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\WeMod
2025-10-05 19:37 - 2025-03-29 14:50 - 000244800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2025-10-03 20:54 - 2024-09-26 19:21 - 000002184 _____ C:\Users\PF\Desktop\WeMod.lnk
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\SquirrelTemp
2025-10-02 16:58 - 2025-02-22 09:12 - 000000000 ____D C:\EHM soupiska
2025-10-01 17:00 - 2024-09-26 16:32 - 000000000 ____D C:\Users\PF\AppData\Roaming\XnViewMP
2025-09-28 19:33 - 2025-04-01 15:31 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-09-28 19:33 - 2025-04-01 15:31 - 000001430 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2025-09-28 19:33 - 2024-09-12 20:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-09-28 19:33 - 2024-09-06 12:30 - 000000000 ____D C:\Users\PF\AppData\Local\NVIDIA Corporation
2025-09-28 15:40 - 2024-11-05 19:03 - 000000000 ____D C:\Users\PF\AppData\Roaming\discord
2025-09-28 14:57 - 2025-03-31 20:00 - 000000000 ____D C:\Users\PF\AppData\Local\Discord
2025-09-28 14:56 - 2024-11-05 19:03 - 000002228 _____ C:\Users\PF\Desktop\Discord.lnk
2025-09-27 09:02 - 2024-11-05 19:16 - 000000000 ____D C:\Games
2025-09-27 09:02 - 2024-11-05 19:15 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2025-09-26 16:42 - 2025-02-14 20:03 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Files in the root of some directories ========
2023-12-14 20:14 - 2023-12-14 20:14 - 000000272 _____ () C:\ProgramData\fontcacheev1.dat
2025-05-20 18:10 - 2025-05-20 18:10 - 000001536 _____ () C:\Users\PF\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2025
Ran by PF (24-10-2025 20:48:07)
Running from C:\Users\PF\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) (2025-02-15 06:56:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4128302332-195506509-195615000-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4128302332-195506509-195615000-503 - Limited - Disabled)
Guest (S-1-5-21-4128302332-195506509-195615000-501 - Limited - Disabled)
PF (S-1-5-21-4128302332-195506509-195615000-1001 - Administrator - Enabled) => C:\Users\PF
WDAGUtilityAccount (S-1-5-21-4128302332-195506509-195615000-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_2) (Version: 24.2.0.315 - Adobe Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.)
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.32 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.28.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{f738e81d-6f36-4eae-83b9-c4a2d7d7a868}) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ANT Drivers Installer x64 (HKLM\...\{69444F98-CC1E-4795-8F8A-60BE6AF51F0F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.14 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{aaf11245-1248-47ad-9203-e7573aa8e596}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{49D5558A-B837-4930-AB87-8855AEF52283}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{8d854dcd-ab31-4eb2-af67-e1f77a71c262}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{2d085e57-a3d6-425f-a8d9-493bfb3649c4}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{20fc0fa3-6bf2-47fd-8cc7-09088f59b129}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.02.32 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.141 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.14 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 27.0.41.194 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
Discord (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Discord) (Version: 1.0.9187 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{46a2a5f2-1607-498b-b6a3-194f88547c16}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{E81CA011-E9A8-42B8-A4C0-11F66BE56D6C}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Garmin Express (HKLM-x32\...\{12CACC17-D22C-4653-8311-2124C9941D24}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{a4c38753-e8fc-4f0a-bdfe-91860a26bcf9}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.38-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.108 - Google LLC)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{60e762c3-a30e-4a24-ac32-35fc9aa84805}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.4.1.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.1.215 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\OneDriveSetup.exe) (Version: 25.184.0921.0004 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25702 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
NVIDIA App 11.0.5.245 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.245 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paradox Launcher v2 (HKLM\...\{037127A0-71F6-4225-8051-C864AC4B66EF}) (Version: 2.4.0 - Paradox Interactive) Hidden
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{08b7d3d2-192e-4a0a-a849-23bc8881dfb7}) (Version: 1.0.0.0 - Paradox Interactive)
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{fbc6fc79-66e8-4119-8274-8b19b2b06859}) (Version: 1.0.0.0 - Paradox Interactive)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PCM Fast Editor (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\b4e96ac10814a05a) (Version: 3.6.0.0 - PCM Fast Editor)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9448.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.19.0704.2024 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.100.2288_S01_RC6 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.18 - Rockstar Games)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: 0.0.0 - DODI-Repacks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Wargaming.net Game Center) (Version: 25.4.0.7 - Wargaming.net)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WeMod (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\WeMod) (Version: 11.6.0 - WeMod)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.0.0 - Pierre-e Gougelet)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-09-06] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.4.0_x64__qmba6cd70vzyy [2025-09-13] (ASUSTeK COMPUTER INC.)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-15] (Microsoft Windows)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-10-24] (Bitdefender)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2024-09-06] (DTS, Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-10-18] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.287.0_x64__dt26b99r8h8gj [2025-01-12] (Realtek Semiconductor Corp)
WinRAR -> C:\Program Files\WinRAR [2024-09-26] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{e8f730f9-11df-438b-8df9-9fc76d2ca62d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-09-06 10:54 - 2024-07-03 16:49 - 000346112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2024-09-06 10:54 - 2024-08-13 15:58 - 000449536 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2025-04-01 15:31 - 2025-09-28 19:33 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PF\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\6249864642006272456\134057928911189025.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6C36929-F6FE-4252-87D1-DC3A5115D97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{984C40A3-75D6-43A7-ABBC-BB27827AAE5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E3C17DF8-6069-4230-B13F-0A1E763FD21F}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A632772F-EDDF-4C3C-858C-749CA7AA4D78}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D6FD6E02-54E3-478A-88C2-D1309317A41C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{25887152-856E-4EF8-8E79-66C17895A311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{57EB2D09-5971-482C-A75F-D4C792E81F39}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1979123E-73FB-422E-9F6A-AA041872C45D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{3E8E29E5-6BF4-4126-B22C-257B5AFC380B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2E1F4C58-6882-4B5F-A1F2-1234700D37F5}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7373F272-6585-470E-B716-D4D66EBD9A33}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [{0635BD4C-B5AB-48F5-BF1C-9DB5D0371D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D63D66F8-E131-4062-8EE0-A3786EBFCA0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{71D96FD8-CB2C-435A-BE13-EEFC9E453EF0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A1B2571-B421-415A-954E-F0B792F0FB53}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{82D5AFBA-9C57-44CE-B22F-C454BB5D09B8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D90BB98D-CF6B-42BC-B97F-05B3E1826EC2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{CDDDA608-5EDB-4220-AA7B-62621774671F}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{FDB85482-3AF6-49E1-BBAB-6DD5B2E69774}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{67B70CD6-CF5B-426F-824F-A1DB479D8B97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{031134FE-A485-4CF5-8DA9-6F0E28CE290C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{2F62165E-6E64-4EAE-8749-1972D05C1456}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2E710ACC-7D45-4FE4-8C57-AADD9F34DE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{504C5E70-6E32-48FC-948A-5D66355953BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{D85B7E60-5437-4359-84ED-5B72E1AC6BD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5CC3E867-12F5-429B-B330-49DF70DDC263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{AA65E7D4-14EA-4B51-8C27-E367C4C9E6A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{2BAFB6C1-6E19-4A05-881D-384BA9942971}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{14C17243-D203-48F2-854F-D0DD48A78A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{11EE5557-9081-41DB-A5CB-23489462EEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C38C8582-3677-4065-8E88-3E1575C4FF4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4DE163A8-DD86-4E0B-AAB1-E60FA0044BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{DD8F66DF-52CF-42F2-968F-3D87A907D5C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{5DDF0042-3BD7-4132-8DAC-7B8DA641F7B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5A60B0A1-F1F7-453E-BF1B-8892DF04A0DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C91FCBCB-B0A4-4D06-B7CF-86425C79DFB2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{50367795-FC51-42F5-94CC-2CDF3249C474}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B1A76D68-6BE5-4FE4-AF61-C0C0AA9E3EF8}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{D758CF11-C373-4CAC-B584-BCA849FBBBEE}] => (Allow) C:\Users\PF\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{EA991BF6-88A3-4AB8-8A40-233B8BC6BECE}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{A504A328-C504-4703-A478-4C21312922BB}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [TCP Query User{53384861-CD30-4DB7-BCE8-FE1FCF92B7FD}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7F44CEFA-9551-4D75-83B9-7A976EB18313}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{F1C86033-95EA-4CF5-8086-A42877815B66}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [UDP Query User{D0EDC899-FD22-4A8D-944A-1FF03936408D}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [{55B5F319-97E4-41B6-80F7-B5614A3668BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{315A2CD0-05E0-4A06-8EE1-3E609F32B2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D9FB20ED-E6F1-4D4E-8826-0F36B195F847}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{90B7D90F-5D2B-41D6-A3FE-AFB43C8ABEBE}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{FA9A8370-F1E2-47F4-97FA-28E57CB2D378}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{2116A10C-56BD-4847-A9A3-F521110E83E1}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{F57A0A10-F406-467D-83F9-75E59DA11637}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [UDP Query User{C1DAD7DF-A6A6-4685-BA56-AC3ADA606D0F}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [{775A3C8E-BB46-4F34-BB06-2078B1AB2E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{7E256304-8929-487E-B0C3-C443AFD5966D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{1421A975-47C7-4333-991F-2083FBAA936F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
18-10-2025 19:25:52 Windows Update
21-10-2025 19:53:15 Windows Update
21-10-2025 19:53:15 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/24/2025 08:35:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (10/24/2025 08:34:18 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-KGQ0GUC)
Description: Název chybující aplikace: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Název chybujícího modulu: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000001201d1
ID chybujícího procesu: 0x2854
Čas spuštění chybující aplikace: 0x1dc44bf4274e44f
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
ID sestavy: a73ee7cd-915c-4717-abce-959eb4ced154
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
System errors:
=============
Error: (10/24/2025 08:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/24/2025 08:34:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2025 09:02:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/22/2025 07:55:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (10/21/2025 09:07:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/21/2025 07:53:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2025-10-24 20:37:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1811 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B650M-E
Processor: AMD Ryzen 5 7600 6-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 31962.62 MB
Available physical RAM: 22531.76 MB
Total Virtual: 36570.62 MB
Available Virtual: 20695.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.7 GB) (Free:281.85 GB) (Model: Lexar SSD NM710 1TB) NTFS
\\?\Volume{8e9a52dd-c2b3-4862-921b-c6575b6bb6fc}\ () (Fixed) (Total:0.7 GB) (Free:0.08 GB) NTFS
\\?\Volume{ba5fbc33-b5dd-4468-b9fb-349269ef43b8}\ (Bitdefender Virtual Disk) (Fixed) (Total:0.03 GB) (Free:0.02 GB) NTFS
\\?\Volume{66ea86f7-c1d4-448b-add0-88414f6b20cc}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 32 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Děkuji
prosím o kontrolu logu. Antivir zjistil škodlivé příkazové řádky a nemaže je.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2025
Ran by PF (administrator) on DESKTOP-KGQ0GUC (ASUS System Product Name) (24-10-2025 20:46:55)
Running from C:\Users\PF\Downloads\FRST64.exe
Loaded Profiles: PF
Platform: Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.14\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\seccenter.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atieclxx.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2508.29.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoNotificationUx.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <11>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe [1629080 2024-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088288 2025-09-17] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4699288 2025-10-03] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Discord] => C:\Users\PF\AppData\Local\Discord\Update.exe [1516408 2025-03-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [MicrosoftEdgeAutoLaunch_A0CD5F1BA373F03936A23064FB273571] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265032 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [29011792 2025-08-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-10-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.108\Installer\chrmstp.exe [2025-10-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {A982059A-23EA-438B-8B35-E1AF72E7BFDF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {83C6086D-0BAF-45AE-8084-67CD3B716C6F} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1779544 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBDEDDF0-37F4-4514-8302-A50AF150E83B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db003a215a1f47 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {57C1EDDD-FFEE-4BBE-811E-DF3360E7FCC3} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {BEC8A36D-84BF-47CC-B81B-4939753FDEAD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {EF4F0FB0-2BB5-447B-B69A-F409169A0072} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AE2DAFAF-A1A2-4781-8B4C-1EF8015EA871} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F252F138-C517-4574-8AB5-C40B31060CD6} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.14\WatchDog.exe [1168792 2025-06-04] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.14\repair
Task: {9247B0F5-05C3-4933-91FA-3337A2456AB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {29C88F84-B167-418C-8C8C-A1E4A8DE1499} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4ca89b58-38cb-4996-aff2-2424f292af4b" --version "6.38.0.11537" --silent
Task: {4365F1BE-A23F-43EF-ABC2-771EEB48C175} - System32\Tasks\CCleanerSkipUAC - PF => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {17DCEBD5-8C8C-42E2-9216-BE80F0EEB994} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31056 2025-08-08] (Garmin International, Inc. -> )
Task: {9BA43F69-2149-46E7-9B72-7CA15FDE0AAF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{80E59E05-AD5A-4717-9904-FF55D99A0921} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {ED75C8B0-0E09-4005-9929-FD16115A9E0D} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3323936 2025-08-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ACBE0E6-0F9D-4CEC-A040-ECECC8F4284C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001 => C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDriveLauncher.exe [725880 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2FF0B8B-C782-4A91-AD95-3C0176156139} - System32\Tasks\Opera scheduled assistant Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\PF\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-10-22]
Edge Extension: (Edge relevant text changes) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-06]
Chrome:
=======
CHR Profile: C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default [2025-10-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [404440 2025-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2025-10-24] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-09-07] (BattlEye Innovations e.K. -> )
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2024-09-06] (DTS, Inc. -> DTS Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9608720 2025-09-04] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-29] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [764808 2025-06-04] (Bitdefender SRL -> Bitdefender)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7682024 2025-01-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291288 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56504 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\amdkmdag.sys [100084632 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [8502336 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AtcExt; C:\WINDOWS\System32\drivers\AtcExt.sys [27192 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [1371176 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [53808 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-02-14] (Microsoft Corporation) [File not signed]
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1793112 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-09-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [244800 2025-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_8e61b4ea25373168\rt25cx21x64.sys [887776 2024-10-21] (Realtek Semiconductor Corp. -> Realtek)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [630312 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1445960 2025-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; \SystemRoot\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:46 - 2025-10-24 20:47 - 000028047 _____ C:\Users\PF\Downloads\FRST.txt
2025-10-24 20:46 - 2025-10-24 20:46 - 002443264 _____ (Farbar) C:\Users\PF\Downloads\FRST64.exe
2025-10-24 20:37 - 2025-10-24 20:38 - 000000000 ____D C:\Users\PF\AppData\LocalLow\IGDump
2025-10-23 19:11 - 2025-10-23 21:18 - 2700247067 _____ C:\Users\PF\Downloads\Yellowstone S02E05 HD CZ dabing.mkv
2025-10-18 20:34 - 2025-10-24 20:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-18 12:47 - 2025-10-18 12:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-15 20:31 - 2025-10-15 20:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276 (1).scs
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-10-14 19:16 - 2025-10-14 19:17 - 2726015168 _____ C:\Users\PF\Downloads\Yellowstone+S02E04+CZdab.mkv
2025-10-12 20:31 - 2025-10-12 20:31 - 109187637 _____ C:\Users\PF\Downloads\fhm4_17-18_logos.rar
2025-10-12 20:22 - 2025-10-12 20:22 - 000000223 _____ C:\Users\PF\Desktop\Franchise Hockey Manager 11.url
2025-10-12 20:21 - 2025-10-12 20:21 - 784144248 _____ C:\Users\PF\Downloads\Yellowstone+S02E03+-+Pach+zoufalství+(2019)+western+czdab.mkv
2025-10-11 13:32 - 2025-10-11 13:32 - 000000000 ____D C:\Users\PF\Downloads\promods-tgs-v141.7z
2025-10-11 10:55 - 2025-10-11 13:08 - 2789472069 _____ C:\Users\PF\Downloads\Yellowstone S02E02 CZ Dab.mkv
2025-10-09 17:55 - 2025-10-09 17:55 - 236385500 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.003
2025-10-09 17:45 - 2025-10-09 17:45 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.002
2025-10-09 17:25 - 2025-10-09 17:36 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.001
2025-10-09 17:07 - 2025-10-09 17:07 - 266339955 _____ C:\Users\PF\Downloads\promods-tcp-v156.7z
2025-10-09 16:59 - 2025-10-09 17:00 - 197232432 _____ C:\Users\PF\Downloads\promods-me-v276.7z
2025-10-09 16:50 - 2025-10-09 16:50 - 002340445 _____ C:\Users\PF\Downloads\promods-cap-v156.7z
2025-10-07 17:44 - 2025-10-07 17:44 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2017
2025-10-07 17:32 - 2025-10-07 17:32 - 005273389 _____ C:\Users\PF\Documents\ProCyclist_1.cdb
2025-10-07 17:21 - 2025-10-07 17:21 - 005272969 _____ C:\Users\PF\Documents\ProCyclist_2.cdb
2025-10-07 16:38 - 2025-10-07 17:26 - 000000000 ____D C:\Users\PF\AppData\Local\Deployment
2025-10-05 13:31 - 2025-10-05 13:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276.scs
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:47 - 2024-11-12 22:39 - 000000000 ____D C:\FRST
2025-10-24 20:45 - 2025-03-29 14:50 - 000000000 ____D C:\Users\PF\AppData\Local\Malwarebytes
2025-10-24 20:45 - 2024-09-07 13:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-10-24 20:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-24 20:40 - 2025-08-17 09:47 - 000000000 ____D C:\Users\PF\AppData\Roaming\utorrent
2025-10-24 20:40 - 2025-02-26 18:42 - 000000000 ____D C:\WINDOWS\Minidump
2025-10-24 20:40 - 2025-02-14 17:34 - 000000000 ___DC C:\WINDOWS\Panther
2025-10-24 20:40 - 2024-12-10 19:30 - 000000000 ____D C:\Users\PF\AppData\Local\CrashDumps
2025-10-24 20:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-10-24 20:39 - 2025-02-14 20:03 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-10-24 20:39 - 2024-09-07 14:27 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-10-24 20:39 - 2024-09-07 14:27 - 000000000 ____D C:\Program Files\CCleaner
2025-10-24 20:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-24 20:35 - 2025-02-14 20:02 - 000050808 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-10-24 20:35 - 2024-09-06 12:37 - 000000000 ____D C:\Users\PF\AppData\Roaming\asus_framework
2025-10-24 20:34 - 2025-02-14 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-24 20:34 - 2024-09-06 16:41 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000012288 ___SH C:\DumpStack.log.tmp
2025-10-24 20:34 - 2024-09-06 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2025-10-24 20:34 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-24 20:34 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-10-24 17:14 - 2025-04-27 13:26 - 000000000 ____D C:\Users\PF\AppData\Roaming\vlc
2025-10-24 11:24 - 2024-09-06 10:52 - 000000000 ____D C:\Program Files\ASUS
2025-10-24 10:22 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-23 20:18 - 2024-09-06 16:43 - 000000000 ____D C:\Users\PF\AppData\Local\D3DSCache
2025-10-22 17:26 - 2024-09-06 16:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-22 17:26 - 2024-09-06 16:41 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-22 17:24 - 2024-04-01 09:21 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2025-10-20 19:37 - 2025-02-18 17:03 - 000003558 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2024-09-06 16:45 - 000002370 _____ C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-18 20:32 - 2025-02-14 20:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-18 17:37 - 2025-03-16 12:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-18 17:37 - 2025-03-16 12:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-10-15 20:50 - 2025-02-14 20:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-10-15 20:50 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-10-15 20:48 - 2025-02-14 20:00 - 000324192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-15 20:48 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-15 20:48 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-15 20:48 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-10-15 20:47 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-10-15 20:30 - 2024-09-17 19:35 - 000000000 ____D C:\Users\PF\Documents\Euro Truck Simulator 2
2025-10-15 20:06 - 2024-09-06 11:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-15 20:05 - 2024-09-06 11:05 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-15 17:40 - 2025-02-14 20:03 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-13 20:39 - 2024-09-30 18:49 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2023
2025-10-12 20:22 - 2024-09-07 13:38 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-10-12 20:20 - 2025-02-14 20:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-12 20:20 - 2025-02-14 20:03 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-12 11:17 - 2025-02-14 18:05 - 000000000 ____D C:\Users\PF
2025-10-11 14:48 - 2024-09-07 16:56 - 000000000 ____D C:\Users\PF\Documents\American Truck Simulator
2025-10-10 21:32 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\WeMod
2025-10-05 19:37 - 2025-03-29 14:50 - 000244800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2025-10-03 20:54 - 2024-09-26 19:21 - 000002184 _____ C:\Users\PF\Desktop\WeMod.lnk
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\SquirrelTemp
2025-10-02 16:58 - 2025-02-22 09:12 - 000000000 ____D C:\EHM soupiska
2025-10-01 17:00 - 2024-09-26 16:32 - 000000000 ____D C:\Users\PF\AppData\Roaming\XnViewMP
2025-09-28 19:33 - 2025-04-01 15:31 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-09-28 19:33 - 2025-04-01 15:31 - 000001430 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2025-09-28 19:33 - 2024-09-12 20:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-09-28 19:33 - 2024-09-06 12:30 - 000000000 ____D C:\Users\PF\AppData\Local\NVIDIA Corporation
2025-09-28 15:40 - 2024-11-05 19:03 - 000000000 ____D C:\Users\PF\AppData\Roaming\discord
2025-09-28 14:57 - 2025-03-31 20:00 - 000000000 ____D C:\Users\PF\AppData\Local\Discord
2025-09-28 14:56 - 2024-11-05 19:03 - 000002228 _____ C:\Users\PF\Desktop\Discord.lnk
2025-09-27 09:02 - 2024-11-05 19:16 - 000000000 ____D C:\Games
2025-09-27 09:02 - 2024-11-05 19:15 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2025-09-26 16:42 - 2025-02-14 20:03 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Files in the root of some directories ========
2023-12-14 20:14 - 2023-12-14 20:14 - 000000272 _____ () C:\ProgramData\fontcacheev1.dat
2025-05-20 18:10 - 2025-05-20 18:10 - 000001536 _____ () C:\Users\PF\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2025
Ran by PF (24-10-2025 20:48:07)
Running from C:\Users\PF\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) (2025-02-15 06:56:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4128302332-195506509-195615000-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4128302332-195506509-195615000-503 - Limited - Disabled)
Guest (S-1-5-21-4128302332-195506509-195615000-501 - Limited - Disabled)
PF (S-1-5-21-4128302332-195506509-195615000-1001 - Administrator - Enabled) => C:\Users\PF
WDAGUtilityAccount (S-1-5-21-4128302332-195506509-195615000-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_2) (Version: 24.2.0.315 - Adobe Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.)
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.32 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.28.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{f738e81d-6f36-4eae-83b9-c4a2d7d7a868}) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ANT Drivers Installer x64 (HKLM\...\{69444F98-CC1E-4795-8F8A-60BE6AF51F0F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.14 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{aaf11245-1248-47ad-9203-e7573aa8e596}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{49D5558A-B837-4930-AB87-8855AEF52283}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{8d854dcd-ab31-4eb2-af67-e1f77a71c262}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{2d085e57-a3d6-425f-a8d9-493bfb3649c4}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{20fc0fa3-6bf2-47fd-8cc7-09088f59b129}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.02.32 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.141 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.14 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 27.0.41.194 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
Discord (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Discord) (Version: 1.0.9187 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{46a2a5f2-1607-498b-b6a3-194f88547c16}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{E81CA011-E9A8-42B8-A4C0-11F66BE56D6C}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Garmin Express (HKLM-x32\...\{12CACC17-D22C-4653-8311-2124C9941D24}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{a4c38753-e8fc-4f0a-bdfe-91860a26bcf9}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.38-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.108 - Google LLC)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{60e762c3-a30e-4a24-ac32-35fc9aa84805}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.4.1.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.1.215 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\OneDriveSetup.exe) (Version: 25.184.0921.0004 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25702 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
NVIDIA App 11.0.5.245 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.245 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paradox Launcher v2 (HKLM\...\{037127A0-71F6-4225-8051-C864AC4B66EF}) (Version: 2.4.0 - Paradox Interactive) Hidden
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{08b7d3d2-192e-4a0a-a849-23bc8881dfb7}) (Version: 1.0.0.0 - Paradox Interactive)
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{fbc6fc79-66e8-4119-8274-8b19b2b06859}) (Version: 1.0.0.0 - Paradox Interactive)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PCM Fast Editor (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\b4e96ac10814a05a) (Version: 3.6.0.0 - PCM Fast Editor)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9448.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.19.0704.2024 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.100.2288_S01_RC6 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.18 - Rockstar Games)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: 0.0.0 - DODI-Repacks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Wargaming.net Game Center) (Version: 25.4.0.7 - Wargaming.net)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WeMod (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\WeMod) (Version: 11.6.0 - WeMod)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.0.0 - Pierre-e Gougelet)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-09-06] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.4.0_x64__qmba6cd70vzyy [2025-09-13] (ASUSTeK COMPUTER INC.)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-15] (Microsoft Windows)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-10-24] (Bitdefender)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2024-09-06] (DTS, Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-10-18] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.287.0_x64__dt26b99r8h8gj [2025-01-12] (Realtek Semiconductor Corp)
WinRAR -> C:\Program Files\WinRAR [2024-09-26] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{e8f730f9-11df-438b-8df9-9fc76d2ca62d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-09-06 10:54 - 2024-07-03 16:49 - 000346112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2024-09-06 10:54 - 2024-08-13 15:58 - 000449536 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2025-04-01 15:31 - 2025-09-28 19:33 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PF\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\6249864642006272456\134057928911189025.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6C36929-F6FE-4252-87D1-DC3A5115D97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{984C40A3-75D6-43A7-ABBC-BB27827AAE5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E3C17DF8-6069-4230-B13F-0A1E763FD21F}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A632772F-EDDF-4C3C-858C-749CA7AA4D78}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D6FD6E02-54E3-478A-88C2-D1309317A41C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{25887152-856E-4EF8-8E79-66C17895A311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{57EB2D09-5971-482C-A75F-D4C792E81F39}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1979123E-73FB-422E-9F6A-AA041872C45D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{3E8E29E5-6BF4-4126-B22C-257B5AFC380B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2E1F4C58-6882-4B5F-A1F2-1234700D37F5}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7373F272-6585-470E-B716-D4D66EBD9A33}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [{0635BD4C-B5AB-48F5-BF1C-9DB5D0371D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D63D66F8-E131-4062-8EE0-A3786EBFCA0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{71D96FD8-CB2C-435A-BE13-EEFC9E453EF0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A1B2571-B421-415A-954E-F0B792F0FB53}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{82D5AFBA-9C57-44CE-B22F-C454BB5D09B8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D90BB98D-CF6B-42BC-B97F-05B3E1826EC2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{CDDDA608-5EDB-4220-AA7B-62621774671F}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{FDB85482-3AF6-49E1-BBAB-6DD5B2E69774}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{67B70CD6-CF5B-426F-824F-A1DB479D8B97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{031134FE-A485-4CF5-8DA9-6F0E28CE290C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{2F62165E-6E64-4EAE-8749-1972D05C1456}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2E710ACC-7D45-4FE4-8C57-AADD9F34DE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{504C5E70-6E32-48FC-948A-5D66355953BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{D85B7E60-5437-4359-84ED-5B72E1AC6BD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5CC3E867-12F5-429B-B330-49DF70DDC263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{AA65E7D4-14EA-4B51-8C27-E367C4C9E6A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{2BAFB6C1-6E19-4A05-881D-384BA9942971}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{14C17243-D203-48F2-854F-D0DD48A78A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{11EE5557-9081-41DB-A5CB-23489462EEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C38C8582-3677-4065-8E88-3E1575C4FF4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4DE163A8-DD86-4E0B-AAB1-E60FA0044BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{DD8F66DF-52CF-42F2-968F-3D87A907D5C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{5DDF0042-3BD7-4132-8DAC-7B8DA641F7B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5A60B0A1-F1F7-453E-BF1B-8892DF04A0DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C91FCBCB-B0A4-4D06-B7CF-86425C79DFB2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{50367795-FC51-42F5-94CC-2CDF3249C474}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B1A76D68-6BE5-4FE4-AF61-C0C0AA9E3EF8}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{D758CF11-C373-4CAC-B584-BCA849FBBBEE}] => (Allow) C:\Users\PF\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{EA991BF6-88A3-4AB8-8A40-233B8BC6BECE}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{A504A328-C504-4703-A478-4C21312922BB}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [TCP Query User{53384861-CD30-4DB7-BCE8-FE1FCF92B7FD}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7F44CEFA-9551-4D75-83B9-7A976EB18313}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{F1C86033-95EA-4CF5-8086-A42877815B66}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [UDP Query User{D0EDC899-FD22-4A8D-944A-1FF03936408D}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [{55B5F319-97E4-41B6-80F7-B5614A3668BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{315A2CD0-05E0-4A06-8EE1-3E609F32B2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D9FB20ED-E6F1-4D4E-8826-0F36B195F847}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{90B7D90F-5D2B-41D6-A3FE-AFB43C8ABEBE}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{FA9A8370-F1E2-47F4-97FA-28E57CB2D378}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{2116A10C-56BD-4847-A9A3-F521110E83E1}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{F57A0A10-F406-467D-83F9-75E59DA11637}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [UDP Query User{C1DAD7DF-A6A6-4685-BA56-AC3ADA606D0F}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [{775A3C8E-BB46-4F34-BB06-2078B1AB2E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{7E256304-8929-487E-B0C3-C443AFD5966D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{1421A975-47C7-4333-991F-2083FBAA936F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
18-10-2025 19:25:52 Windows Update
21-10-2025 19:53:15 Windows Update
21-10-2025 19:53:15 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/24/2025 08:35:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (10/24/2025 08:34:18 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-KGQ0GUC)
Description: Název chybující aplikace: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Název chybujícího modulu: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000001201d1
ID chybujícího procesu: 0x2854
Čas spuštění chybující aplikace: 0x1dc44bf4274e44f
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
ID sestavy: a73ee7cd-915c-4717-abce-959eb4ced154
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
System errors:
=============
Error: (10/24/2025 08:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/24/2025 08:34:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2025 09:02:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/22/2025 07:55:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (10/21/2025 09:07:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/21/2025 07:53:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2025-10-24 20:37:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1811 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B650M-E
Processor: AMD Ryzen 5 7600 6-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 31962.62 MB
Available physical RAM: 22531.76 MB
Total Virtual: 36570.62 MB
Available Virtual: 20695.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.7 GB) (Free:281.85 GB) (Model: Lexar SSD NM710 1TB) NTFS
\\?\Volume{8e9a52dd-c2b3-4862-921b-c6575b6bb6fc}\ () (Fixed) (Total:0.7 GB) (Free:0.08 GB) NTFS
\\?\Volume{ba5fbc33-b5dd-4468-b9fb-349269ef43b8}\ (Bitdefender Virtual Disk) (Fixed) (Total:0.03 GB) (Free:0.02 GB) NTFS
\\?\Volume{66ea86f7-c1d4-448b-add0-88414f6b20cc}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 32 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Děkuji