VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

https://forum.viry.cz:443/viewtopic.php?t=160686

Stránka 1 z 1

Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Napsal: 27 dub 2026 01:27
od Hejdys84
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Napsal: 27 dub 2026 07:43
od Rudy
Zdravím!.txt
Aby kontrola mohla být provedena kompletně, potřebuji vidět ještě lo Addition. Najdete ho na ploše v souboru addition txt. Děkuji.

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Napsal: 29 dub 2026 00:38
od Hejdys84
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2026
Ran by hejda (administrator) on HEJDYS (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506NC_FA506NC) (27-04-2026 01:23:27)
Running from C:\Users\hejda\Desktop\FRST64.exe
Loaded Profiles: hejda
Platform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe
(ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\GlideX\adb.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> TODO: <Company name>) C:\Program Files\ASUS\AacAmbientHal\AacAmbientKeyScanner.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10035.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.26022.64.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\crashpad_handler.exe <2>
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (AMD Test Build -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2613.101.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.288.483.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Copilot\Application\mscopilot_proxy.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2604.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a5b5950537cd134e\RtkAudUService64.exe [2021320 2024-05-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [20251704 2026-03-12] (GN Hearing A/S -> SteelSeries A/S)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4148120 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14608920 2026-04-07] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1008336 2026-04-23] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2589432 2026-03-31] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3792032 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [electron.app.Pi Network] => C:\Users\hejda\AppData\Local\Programs\pi-network-desktop\Pi Network.exe [199201592 2025-10-22] (SocialChain Inc -> Socialchain Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [RiotClient] => D:\Riot Games\Riot Client\RiotClientServices.exe [75632248 2026-04-26] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [13082544 2026-04-07] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\...\Run: [MicrosoftEdgeAutoLaunch_E478EAC7BFC67F03F478E5F2D7931491] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [5026664 2026-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2025-08-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.103\Installer\chrmstp.exe [7429272 2026-04-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {410B4D63-12D8-4350-8F4A-E34014E8BDB6} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [208016 2024-04-08] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {ADAE697B-9848-4B6B-B869-544F532FC612} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusHotkey.exe [365064 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {889704A5-599C-40C2-AA82-B937D2F95827} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusUpdateChecker.exe [852488 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {92D0D783-9E50-4AC0-8238-534D411197DD} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [359784 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {0F054585-BEFC-4EB3-B450-F416C7F164B9} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1812328 2024-01-15] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {E1B4053E-90F4-4FD6-8B4F-41D7D547725F} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2024-04-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {719E5C49-92AE-4012-AD17-40F53E10A2E1} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [178840 2024-03-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3F0AD4E5-9017-4943-AE79-009EA9898A62} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B8DE8D77-5DE2-466C-A8FA-28A7FC000615} - System32\Tasks\AsusSystemDiagnosis_DriverQuality => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {1B0CB987-EC8F-4C09-9F3D-4A2A44055940} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{595F8B06-08D2-4865-8F7D-5532E378B367} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {EC46F1CC-B0D4-4E08-983E-F9EF11EE6B8E} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F178A75F-38CE-474E-BAF4-31FB056BD2EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF83F57-55C6-45E5-949B-0C7AE810905A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73568 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5D4D0B-1E6E-44BA-8850-4882A1D806BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28546448 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {141D6492-8AC7-4436-BF5B-EE8F2E183B83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {95199692-FBC4-4D24-ADF0-63C005D1275B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {92D30FB8-0502-4C39-A8F8-3024CCAA1602} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1366888 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4577BF73-D404-4AC1-A9E9-2C0F57120115} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16380208 2026-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF284009-385D-496B-AEFD-2F825AFF3F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185304CA-D111-48BD-8CCA-5FEEC948BC33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31E8EB23-CCE6-44C5-BFAA-90B57D01590D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62D1D874-E07F-450A-B3DF-0738B60E5CAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E1DF2D-2322-4B67-9D6A-2EBEE9915C81} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3346544 2026-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{1e830ae0-24bc-4813-841d-0138cb78e197}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F54403: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\14355535F577966696F55374: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{55be3cf7-18cf-43bf-a96c-8c6476de1074}\2445D263736493D453: [DhcpDomain] home
Tcpip\..\Interfaces\{e5f549ba-a1c6-454b-bee3-41a99569e0fe}: [DhcpDomain] local

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge Profile: C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default [2026-04-26]
Edge Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-16]
Edge Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\hejda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-15]
Edge HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default [2026-04-27]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://thecharitych.com/search?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&q={searchTerms}&source=hj
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxps://thecharitych.com/nt?the=QUMyZGV3cwRUUHZ2AldWcHIEVFx1cAcYVHB0BlBUdD8DU1N0cgBQUHB1TiEkCCJ7NQojAFopLDR7Sx4IHgRADzQMFV4DHS4AcFYRBRB3MSAABmslNgACdwMsAhBiIDoDNHc%3D&source=hj
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command={searchTerms}
CHR Extension: (VPN for Chrome: NordVPN proxy protection) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2026-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hejda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-08-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1589204013-1864288644-3288743639-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe [213016 2026-03-02] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-05-31] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusAppService; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\AsusAppService\AsusAppService.exe [1162760 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusOptimization.exe [654344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPService.exe [229840 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSoftwareManager\AsusSoftwareManager.exe [1422344 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSwitch\AsusSwitch.exe [653832 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4454920 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [1305608 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13345600 2026-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [39344 2026-04-07] (Docker Inc -> Docker Inc.)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [442368 2023-12-17] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [20372640 2026-01-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [985896 2026-03-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-04-07] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-04-07] (GOG sp. z o.o -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXNearService; C:\Program Files\ASUS\GlideX\GlideXNear\GlideXNearService.exe [1825712 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 GlideXRemoteService; C:\Program Files\ASUS\GlideX\GlideXRemote\GlideXRemoteService.exe [486832 2025-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [2985904 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [303024 2025-11-13] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-06] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [976368 2026-04-24] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftCopilotElevationService; C:\Program Files (x86)\Microsoft\Copilot\Application\147.0.3912.84\elevation_service.exe [3602240 2026-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\Display.NvContainer\NVDisplay.Container.exe [1702600 2026-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2045400 2024-05-13] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1587712 2025-03-12] (GN Hearing A/S -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [55767304 2026-04-12] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe (No File)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0404233.inf_amd64_397a6af4950eb5ee\B402913\amdkmdag.sys [106001688 2024-06-14] (AMD Test Build -> Advanced Micro Devices, Inc.)
R2 amd_dpfc; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_98d8c76c5f0d1f70\amd_dpfc.sys [47816 2026-04-14] (NVIDIA Corporation -> Advanced Micro Devices)
R3 AsusPTPDrv; C:\Windows\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_1e467870260bcd2f\AsusPTPFilter.sys [199632 2024-09-04] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSSystemAnalysis\AsusSAIO.sys [51256 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_ebcc5101f0564a1b\ASUSOptimization\AsusWmiAcpi.sys [50912 2026-03-30] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [110592 2025-08-19] (Microsoft Corporation) [File not signed]
R0 fse; C:\Windows\System32\drivers\fse.sys [226688 2025-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [82352 2026-03-08] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\Windows\System32\drivers\l1vhlwf.sys [144872 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [308456 2026-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2023-08-16] (Realtek Semiconductor Corp. -> Realtek)
S3 RtkBtFilter2; C:\Windows\System32\DriverStore\FileRepository\rtkbtfilter.inf_amd64_899e279b64ed2cb5\RtkBtFilter2.sys [209640 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43568 2025-12-01] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [55856 2026-03-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_d2a852794d8f7bf8\SteelSeries-Sonar-VAD.sys [95912 2025-10-31] (GN Hearing A/S -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [70158624 2026-04-11] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [98304 2025-08-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21888 2026-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [647560 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-14] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2026-03-09] (WireGuard LLC -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2026-03-09] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U3 aswBcc; no ImagePath
U3 Avast Business Console Client Antivirus Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-04-27 01:23 - 000036309 _____ C:\Users\hejda\Desktop\FRST.txt
2026-04-27 01:23 - 2026-04-27 01:19 - 002447360 _____ (Farbar) C:\Users\hejda\Desktop\FRST64.exe
2026-04-24 11:58 - 2026-04-26 20:21 - 000000000 ____D C:\Windows\CbsTemp
2026-04-23 00:38 - 2026-04-23 00:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-04-17 13:40 - 2026-04-17 13:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-04-17 13:37 - 2026-04-14 14:30 - 029136584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 028057800 _____ C:\Windows\system32\nvidia-pcc.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 021713096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 008441032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005925064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005674192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005516456 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 005011408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 004466888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002421264 _____ C:\Windows\system32\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 002328264 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001923088 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001724104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001625616 _____ C:\Windows\system32\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 001583304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001434640 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001385672 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001231560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 001064648 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000853704 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000820432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000675016 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000509128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000478928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-04-17 13:37 - 2026-04-14 14:30 - 000469712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-04-17 13:37 - 2026-04-14 14:30 - 000374992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-04-17 13:37 - 2026-04-13 22:30 - 000162186 _____ C:\Windows\system32\nvinfo.pb
2026-04-14 21:25 - 2026-04-14 21:28 - 000000000 ___HD C:\$WinREAgent
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000036843 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriUHMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriLMImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriImageList
2026-04-14 21:24 - 2026-04-14 21:24 - 000004575 _____ C:\Windows\system32\ResPriHMImageList
2026-04-14 20:33 - 2026-04-14 20:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2026-04-12 00:00 - 2026-04-12 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-11 23:59 - 2026-04-11 23:59 - 000000000 ____D C:\Program Files\Intel
2026-04-08 13:35 - 2026-04-08 13:35 - 000000000 ____D C:\Windows\system32\Tasks\SoftLanding
2026-04-07 12:55 - 2026-04-07 12:55 - 000002108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk
2026-04-07 12:55 - 2026-04-07 12:55 - 000002102 _____ C:\Users\hejda\Desktop\Docker Desktop.lnk
2026-03-29 14:19 - 2026-03-29 14:19 - 000000000 ____D C:\Users\hejda\AppData\Local\Spotify

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-04-27 01:23 - 2026-02-28 00:11 - 000000000 ____D C:\FRST
2026-04-27 01:15 - 2025-08-19 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-27 01:13 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-27 01:11 - 2025-08-19 16:10 - 000000000 ____D C:\Users\hejda\AppData\Local\Battle.net
2026-04-27 00:33 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2026-04-27 00:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2026-04-27 00:03 - 2025-08-19 14:38 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2026-04-26 22:51 - 2026-03-03 20:43 - 134222904 _____ C:\Windows\392667600.dat
2026-04-26 22:51 - 2026-03-03 20:43 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2026-04-26 22:49 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\D3DSCache
2026-04-26 22:48 - 2026-03-03 20:13 - 000000000 ____D C:\ProgramData\Riot Games
2026-04-26 22:47 - 2026-03-03 20:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\riot-client-ux
2026-04-26 22:47 - 2026-03-03 20:14 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Riot Client
2026-04-26 18:28 - 2025-03-13 01:19 - 000791266 _____ C:\Windows\system32\PerfStringBackup.INI
2026-04-26 18:26 - 2025-12-14 18:57 - 000003822 _____ C:\Windows\system32\Tasks\AsusSystemDiagnosis_DriverQuality
2026-04-26 18:21 - 2026-03-01 19:45 - 000008614 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-26 18:21 - 2025-09-14 22:39 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Pi Network
2026-04-26 18:21 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Roaming\asus_framework
2026-04-26 18:21 - 2025-03-13 01:24 - 000000000 ____D C:\Windows\system32\ASUSACCI
2026-04-26 18:21 - 2025-03-13 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-26 18:21 - 2024-05-26 10:14 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-26 18:21 - 2024-05-26 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-04-26 18:21 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2026-04-26 18:20 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2026-04-26 18:10 - 2025-08-19 15:33 - 000000000 ____D C:\Users\hejda\AppData\Local\Packages
2026-04-26 18:07 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-26 17:50 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-04-26 16:34 - 2024-05-26 10:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-04-24 10:39 - 2025-11-02 03:08 - 000000000 ____D C:\ProgramData\Whesvc
2026-04-23 23:58 - 2025-08-19 16:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2026-04-23 00:39 - 2025-08-19 18:12 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA
2026-04-23 00:38 - 2024-05-26 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2026-04-23 00:28 - 2025-08-19 16:58 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-23 00:28 - 2025-08-19 16:58 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2026-04-20 20:44 - 2025-08-19 15:44 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1589204013-1864288644-3288743639-1001
2026-04-20 20:44 - 2025-08-19 15:43 - 000002385 _____ C:\Users\hejda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 15:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\LiveKernelReports
2026-04-17 13:36 - 2025-08-19 15:43 - 000000000 ____D C:\Users\hejda\AppData\Local\NVIDIA Corporation
2026-04-15 00:58 - 2025-03-13 01:19 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2026-04-15 00:56 - 2026-03-13 23:32 - 000480856 _____ C:\Windows\system32\FNTCACHE.DAT
2026-04-15 00:55 - 2025-08-19 15:24 - 000000000 ____D C:\Windows\system32\ruxim
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2026-04-15 00:55 - 2024-05-26 10:54 - 000000000 ____D C:\Windows\en-GB
2026-04-15 00:55 - 2024-04-01 09:08 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2026-04-15 00:55 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-04-15 00:55 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2026-04-14 21:34 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2026-04-14 21:34 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2026-04-14 21:24 - 2024-05-26 10:16 - 003268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-04-14 21:03 - 2025-08-19 21:11 - 000000000 ____D C:\Windows\system32\MRT
2026-04-14 21:01 - 2025-08-19 21:11 - 218249592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2026-04-14 20:49 - 2025-08-19 15:32 - 000000000 ____D C:\Users\hejda\AppData\Local\PlaceholderTileLogoFolder
2026-04-14 20:49 - 2025-03-13 01:10 - 000000000 ____D C:\ProgramData\Packages
2026-04-14 20:49 - 2024-05-26 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2026-04-14 20:46 - 2025-08-19 15:44 - 000000000 ____D C:\Users\hejda\AppData\Local\Comms
2026-04-12 02:57 - 2025-09-08 04:42 - 000001396 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-04-12 02:57 - 2025-09-08 04:35 - 000003834 _____ C:\Windows\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-04-12 02:57 - 2025-08-19 15:43 - 000000000 ___RD C:\Users\hejda\OneDrive
2026-04-12 02:57 - 2025-03-13 01:14 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-04-11 23:59 - 2025-03-13 01:15 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-11 22:44 - 2025-10-13 21:36 - 000000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2026-04-11 14:27 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker Desktop
2026-04-11 12:51 - 2025-10-13 21:34 - 000000000 ____D C:\Users\hejda\AppData\Local\docker-secrets-engine
2026-04-11 12:51 - 2025-10-13 21:31 - 000000000 ____D C:\Users\hejda\.docker
2026-04-11 12:51 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Roaming\Docker
2026-04-11 01:18 - 2024-05-26 10:14 - 000003610 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D77E3DA-EDAC-4B78-8B97-3078243A3EB0}
2026-04-11 01:18 - 2024-05-26 10:14 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{04F810C2-61C9-48F3-A74E-6C906168D8E8}
2026-04-09 23:05 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2026-04-07 12:55 - 2026-03-03 22:07 - 000000000 ____D C:\Program Files\Docker
2026-04-07 12:55 - 2025-10-13 21:29 - 000000000 ____D C:\ProgramData\DockerDesktop
2026-04-07 12:54 - 2025-10-13 21:29 - 000000000 ____D C:\Users\hejda\AppData\Local\Docker
2026-04-07 12:47 - 2025-08-19 15:50 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-04-07 06:23 - 2025-09-08 04:35 - 001311344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2026-04-07 06:23 - 2025-09-08 04:35 - 001116272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000296560 _____ C:\Windows\system32\FvSDK_x64.dll
2026-04-07 06:23 - 2025-03-13 01:15 - 000271472 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2026-04-07 06:00 - 2026-02-05 00:52 - 000161936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2026-04-07 06:00 - 2025-09-08 04:34 - 000185496 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2026-04-07 05:59 - 2025-09-08 04:35 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2026-04-05 22:13 - 2026-01-21 17:57 - 000004132 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2026-04-05 22:13 - 2025-03-13 01:06 - 000003756 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2026-04-05 03:42 - 2025-08-19 15:51 - 000000000 ____D C:\Users\hejda\AppData\Local\CrashDumps
2026-03-29 00:50 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Prosim zase jednou o kontrolu logu. Predem moc dekuji.

Napsal: 29 dub 2026 07:48
od Rudy
Tak ještě jednou. Protože jste sem dal opět stejný log (FRST), zopakuji: Program FRST vytvoří 2 logy. 1. FRST (ten jste sem dal) a 2. Addition. Ten tu není a najdete ho v souboru addition.txt. Soubor otevřete a uděláte copy/paste tak, abyste přenesl text z toho sozuboru (addition.txt) sem do fóra. Pokud tu nebudu mít k dispozici oba logy, nelze nic řešit. Ještě jednou děkuji.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz