Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2025
Ran by Marxwil (administrator) on MARXWIL (LENOVO 82JQ) (03-07-2025 18:01:43)
Running from C:\Users\xmaxi\Downloads\FRST64.exe
Loaded Profiles: Marxwil
Platform: Microsoft Windows 11 Home Version 24H2 26100.4484 (X64) Language: Czech (Czechia) -> English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Users\xmaxi\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe <67>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.9166\Agent.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\SoftphoneIntegrations.exe
(C:\Program Files (x86)\Lenovo\System Update\UACSdk.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\System Update\Tvsukernel.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\PostgreSQL\17\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\17\bin\postgres.exe <7>
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(C:\Users\xmaxi\Documents\Games\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Users\xmaxi\Documents\Games\Riot Games\Riot Client\RiotClientCrashHandler.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\xmaxi\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\FnHotkeyUtility.exe
(explorer.exe ->) (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Users\xmaxi\Documents\Games\BattleNet\Battle.net\Battle.net.exe <5>
(explorer.exe ->) (CRON INC. -> Notion Labs, Inc.) C:\Users\xmaxi\AppData\Local\Programs\cron-web\Notion Calendar.exe <4>
(explorer.exe ->) (GN Audio A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe <4>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2504.62.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.22.11141.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\xmaxi\Documents\Games\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\xmaxi\AppData\Local\Programs\signal-desktop\Signal.exe <5>
(explorer.exe ->) (Skutta Software GmbH -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Grammarly, Inc. -> Grammarly) C:\Users\xmaxi\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\egather\IA.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\UACSdk.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25153.1010.3727.5483_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.431.352.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\wuaucltcore.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\xmaxi\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v4.2.0\ProtonVPN.Client.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\LenovoUtilityService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_3aa6688a380906ed\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\17\bin\pg_ctl.exe
(services.exe ->) (Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25061.25.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(Slack Technologies, LLC -> Slack Technologies Inc.) C:\Users\xmaxi\AppData\Local\slack\app-4.44.65\slack.exe <7>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2526.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.152.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.51.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\xmaxi\AppData\Local\Microsoft\OneDrive\25.110.0608.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.15301.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4484_none_a528ed6b774a60b8\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe [3495840 2022-06-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [16856912 2025-03-11] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131496 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [369488 2025-01-13] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Avast Browser] => C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\AvastBrowserUpdateCore.exe [507752 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [AvastBrowserAutoLaunch_A64B1CB23946ED73722AE382088B63BA] => C:\Users\xmaxi\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe [3497312 2025-06-22] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45724528 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Discord] => C:\Users\xmaxi\AppData\Local\Discord\Update.exe [1522176 2022-06-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [20979728 2022-08-05] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-05-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3647928 2025-03-02] (Skutta Software GmbH -> )
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [RiotClient] => C:\Users\xmaxi\Documents\Games\Riot Games\Riot Client\RiotClientServices.exe [74829512 2025-06-27] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Battle.net] => C:\Users\xmaxi\Documents\Games\BattleNet\Battle.net\Battle.net.exe [981648 2025-06-26] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [com.messenger] => "C:\Users\xmaxi\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\xmaxi\AppData\Local\Programs\signal-desktop\Signal.exe [202137968 2025-06-25] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [com.cron.electron] => C:\Users\xmaxi\AppData\Local\Programs\cron-web\Notion Calendar.exe [176987864 2024-04-25] (CRON INC. -> Notion Labs, Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct6\jabra-direct.exe [136268544 2024-06-07] (GN Audio A/S -> GN Audio A/S)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [4097392 2025-01-27] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41959832 2025-06-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\xmaxi\AppData\Local\slack\slack.exe [307504 2025-06-11] (Slack Technologies, LLC -> Slack Technologies Inc.)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Run: [Grammarly] => C:\Users\xmaxi\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [275032 2025-07-02] (Grammarly, Inc. -> Grammarly)
HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\...\Command Processor: C:\Users\xmaxi\miniconda3\condabin\conda_hook.bat [649 2024-03-26] () [File not signed] <==== ATTENTION
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2024-10-01] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.49\Installer\chrmstp.exe [2025-06-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2025-05-27]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C8B6C90-BCB2-4FBF-9437-90AB1066AF39} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {DB320DFD-38E9-4207-BDF1-EF57406A26AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {EF4C053B-8447-4B08-AD4C-99DA3CB731C5} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [3497312 2025-06-22] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {25E057F1-4A0D-4AE8-972C-A1BA4F97290F} - System32\Tasks\AvastBrowserProtectS-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Local\Avast Software\Browser\Application\AvastBrowserProtect.exe [1750664 2022-09-06] (Avast Software s.r.o. -> Avast Software)
Task: {38A74F22-CCB7-4534-8F95-26EE33943800} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-2571359450-2151739589-3148544484-1001Core => C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {577A5486-A973-473C-9F9B-1B5593582868} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-2571359450-2151739589-3148544484-1001UA => C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software) <==== ATTENTION
Task: {4DD63E07-B93E-42BE-A657-3D2B92B58847} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DEF00180-10C3-4626-974B-3CC6E4CAB245} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39562464 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0E457D48-649D-4B95-BDE1-76BDB3E9A063} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "a588e844-96b9-4bd9-914b-36c89ef83773" --version "6.37.0.11523" --silent
Task: {1C3949F1-3E7A-4F59-8E18-11EDB6F401A9} - System32\Tasks\CCleanerSkipUAC - Marxwil => C:\Program Files\CCleaner\CCleaner.exe [39562464 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {ED1410BB-BC8D-40BC-9BA9-FC11F5DC6F8B} - System32\Tasks\CCleanerSkipUAC - xmaxi => C:\Program Files\CCleaner\CCleaner.exe [39562464 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {909CC34C-46FD-431F-B239-F799432A8DE1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{1F503F2B-10F0-4C9A-84B3-4F5CBFBC6C4E} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {AFB5E9C4-5A77-47E9-AA5E-98E32495D0BB} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-05-05] (HP Inc. -> HP Inc.)
Task: {0FC9FF00-0F87-4081-A86D-BC56D247969E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-05-05] (HP Inc. -> HP Inc.)
Task: {632E39C4-92F8-4547-A91A-49E8B03E52F3} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [91416 2025-04-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {72255531-31C7-46A5-96A8-F2C62F361AE1} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Local\Programs\Messenger\MessengerHelper.exe [2192632 2024-09-17] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {455A6617-F66F-4470-988D-6B94B74F610C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28952664 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3211F6D7-9156-466F-A290-BA6B72533202} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [69128 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {345BE438-7B22-4C4C-A514-50CF32116AA1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28952664 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D3B7E6F-1DF4-4100-BF4F-5F263F367CFD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2854995F-69A0-4D70-83F3-E4066A0C2CC3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {58AC2EE5-69EF-4243-85EB-DA413922ED8A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [225992 2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {413D6077-F75C-4830-A16C-E95A68599739} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBCCAE97-9EB1-4C4E-88F9-766736B45B4B} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AA67B6E-8CEB-42F1-8094-25FF23DA66CF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [253880 2023-08-09] (Microsoft Corporation -> Microsoft)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (No File)
Task: {A3BC81D2-6825-46F5-A8B3-AF1A2D5BA39A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe  LogonUpdateResults (No File)
Task: {2BA5F8FD-E3EA-421C-8ABD-61DFEA1DB641} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC ReadyToReboot (No File)
Task: {120E4C48-A35E-45BB-B1D1-53123F76F2DE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery ReadyToReboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {A697FEA6-957F-4566-B4BD-C76B1CA3D420} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A16DB4C3-FC5D-424E-8860-EFAAB32F8A3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D931A02-5BB3-4BC0-8712-CD2E52B93B7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {086E4BA7-7005-4329-8F62-2E131D011153} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9B49E64-85D2-444C-9F37-E8FAAAD14864} - System32\Tasks\Microsoft\Windows\WindowsAI\Settings\InitialConfiguration => {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} C:\WINDOWS\system32\SettingsConfigTask.dll [200704 2025-06-26] (Microsoft Windows -> Microsoft Corporation)
Task: {A852A5C5-0856-41A5-AB8E-FB1BEF28B503} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {E7AF9149-EB60-4B98-91A0-273734C1316F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5FFE3808-DAB4-4F56-A94B-FBA3F5D286C3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {837CAAE1-DC84-4DC7-9F60-00EB46A792F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {7C5D0FCE-698A-4E22-AE6A-6A327640974A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E5FB205-F786-4E77-8A40-271E19D38344} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CCA09D0-16A4-4322-8688-5E6003A9A69D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10980DC7-18AC-4DA6-B886-D5BF2272E6B8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {430610DE-3276-479C-9E4C-46B99773DC02} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7B623C03-EBE4-4A12-AB97-951A9210A5CF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FA79CA3-01D3-41F4-B59A-E52478E338F9} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Local\Microsoft\OneDrive\25.110.0608.0001\OneDriveLauncher.exe [685352 2025-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF65D6D8-4D50-4FCF-B16C-4435A1FF4CE0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {339190E8-86C1-4464-B7EA-559CADB072AE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {959597D4-7423-4F86-8070-1B4D5452E561} - System32\Tasks\Zoner.Updater.S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\updater.exe [1592128 2025-06-30] (ZONER a.s. -> ZONER a.s.)
Task: {A6F1D2EE-DB55-472D-A97C-4DAABE94E871} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2571359450-2151739589-3148544484-1001 => C:\Users\xmaxi\AppData\Roaming\Zoom\bin\Zoom.exe [441144 2025-05-27] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}: [DhcpDomain] home
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}\051627B65627: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}\75946494044424: [DhcpNameServer] 185.109.152.243 185.109.152.244
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}\D454544502D45402040235451425245534B435: [DhcpNameServer] 10.128.128.128
Tcpip\..\Interfaces\{4ce48486-8d76-4603-8777-f48aa9426ff7}\E4164796F6E616C6027596D26496: [DhcpNameServer] 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{f9bc4b27-e8ae-4fa4-809f-0c2fede07578}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{f9bc4b27-e8ae-4fa4-809f-0c2fede07578}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{fb080a42-e4dd-4dfa-a751-46e3940a5976}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fe30b4c6-6820-4fdd-97b5-dfba5054cd65}: [DhcpNameServer] 172.20.10.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\xmaxi\AppData\Local\Microsoft\Edge\User Data\Default [2025-07-02]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\xmaxi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2025-03-20]
Edge Extension: (Google Docs Offline) - C:\Users\xmaxi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-26]
Edge Extension: (Bitwarden Password Manager) - C:\Users\xmaxi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2025-06-29]
Edge Extension: (Edge relevant text changes) - C:\Users\xmaxi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]

FireFox:
========
FF DefaultProfile: bqj2dfr5.default
FF ProfilePath: C:\Users\xmaxi\AppData\Roaming\Mozilla\Firefox\Profiles\bqj2dfr5.default [2025-05-22]
FF ProfilePath: C:\Users\xmaxi\AppData\Roaming\Mozilla\Firefox\Profiles\glvvjkjh.default-release [2025-07-03]
FF Extension: (Language: Čeština (Czech)) - C:\Users\xmaxi\AppData\Roaming\Mozilla\Firefox\Profiles\glvvjkjh.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2025-05-22]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2571359450-2151739589-3148544484-1001: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-2571359450-2151739589-3148544484-1001: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\xmaxi\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

Chrome: 
=======
CHR Profile: C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default [2025-05-12]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2024-07-14]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-12]
CHR Extension: (AdBlock — block ads across the web) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-01-29]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-07-14]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-01-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\xmaxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-07-14]
CHR HKU\S-1-5-21-2571359450-2151739589-3148544484-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-27] (Apple Inc. -> Apple Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3383952 2025-06-18] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13725240 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
S3 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [38256 2025-01-27] (Docker Inc -> Docker Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-05-05] (HP Inc. -> HP Inc.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_fa50a878363b0cec\LenovoUtilityService.exe [182272 2025-02-20] (Lenovo -> Lenovo)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-17] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9424792 2024-11-17] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1930888 2022-03-29] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_3aa6688a380906ed\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [20445008 2025-06-20] (Logitech Inc -> Logitech, Inc.)
R2 postgresql-x64-17; C:\Program Files\PostgreSQL\17\bin\pg_ctl.exe [130048 2024-12-02] (PostgreSQL Global Development Group) [File not signed]
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPN.WireGuardService.exe [464112 2025-06-13] (Proton AG -> ProtonVPN)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [807352 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13066904 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41896 2023-08-09] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aehd; C:\WINDOWS\system32\DRIVERS\aehd.sys [403080 2024-06-17] (Google LLC -> Google LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2025-01-03] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-17] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-06-26] (Microsoft Windows -> Microsoft Corporation)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-17] (Logitech Inc -> Logitech, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NahimicBTLink; C:\WINDOWS\System32\drivers\NahimicBTLink.sys [85144 2021-09-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85144 2021-09-13] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2023-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [237216 2024-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG)
S3 rtucx22x64; C:\WINDOWS\System32\DriverStore\FileRepository\rtucx22x64.inf_amd64_a6eb3abe5befec7d\rtucx22x64.sys [1876424 2024-04-24] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43568 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_7a086649438f4409\SteelSeries-Sonar-VAD.sys [95400 2024-08-07] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usb-platformdetection; C:\WINDOWS\System32\DriverStore\FileRepository\usb-platformdetection.inf_amd64_0f001fe089215073\usb-platformdetection.sys [53248 2025-06-26] (Microsoft Windows -> )
S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [254664 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [265536 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1064064 2024-01-15] (Oracle Corporation -> Oracle and/or its affiliates)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [33335160 2024-12-16] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-03 18:01 - 2025-07-03 18:02 - 000046654 _____ C:\Users\xmaxi\Downloads\FRST.txt
2025-07-03 18:01 - 2025-07-03 18:01 - 000000000 ____D C:\Users\xmaxi\Downloads\FRST-OlderVersion
2025-07-03 17:48 - 2025-07-03 18:02 - 000000000 ____D C:\FRST
2025-07-03 01:11 - 2025-07-03 01:11 - 000192203 _____ C:\Users\xmaxi\Downloads\Long Form Proposal.pdf
2025-07-03 01:11 - 2025-07-03 01:11 - 000105620 _____ C:\Users\xmaxi\Downloads\Short Form Proposal.pdf
2025-07-02 23:53 - 2025-07-03 18:01 - 002407936 _____ (Farbar) C:\Users\xmaxi\Downloads\FRST64.exe
2025-07-02 17:09 - 2025-07-02 17:09 - 000713002 _____ C:\WINDOWS\system32\perfh005.dat
2025-07-02 17:09 - 2025-07-02 17:09 - 000153200 _____ C:\WINDOWS\system32\perfc005.dat
2025-07-01 23:54 - 2025-07-01 23:54 - 002515384 _____ C:\Users\xmaxi\Downloads\BASE_NETGUN_PTASHKA (2).FCStd
2025-07-01 23:04 - 2025-07-01 23:04 - 002515384 _____ C:\Users\xmaxi\Downloads\BASE_NETGUN_PTASHKA (1).FCStd
2025-07-01 23:03 - 2025-07-01 23:03 - 000852536 _____ C:\Users\xmaxi\Downloads\REV0 (1).ork
2025-07-01 23:02 - 2025-07-01 23:02 - 000002355 _____ C:\Users\xmaxi\Downloads\NETGUN_PTASHKA_OPENROCKET_MULTI_MOTOR_REVC (1).ork
2025-07-01 22:57 - 2025-07-01 22:57 - 000893439 _____ C:\Users\xmaxi\Downloads\Foldable_Wing.pdf
2025-07-01 00:51 - 2025-07-01 00:51 - 002515384 _____ C:\Users\xmaxi\Downloads\BASE_NETGUN_PTASHKA.FCStd
2025-07-01 00:51 - 2025-07-01 00:51 - 000002342 _____ C:\Users\xmaxi\Downloads\BASE_NETGUN_PTASHKA.ork
2025-07-01 00:42 - 2025-07-01 00:42 - 018841970 _____ C:\Users\xmaxi\Downloads\TeamPhoto.xcf
2025-07-01 00:42 - 2025-07-01 00:42 - 000004805 _____ C:\Users\xmaxi\AppData\Local\recently-used.xbel
2025-07-01 00:24 - 2025-07-01 00:24 - 002269505 _____ C:\Users\xmaxi\Downloads\IMG_1920.HEIC
2025-06-30 21:05 - 2025-07-01 20:34 - 000000471 _____ C:\Users\xmaxi\Downloads\salon_crm.txt
2025-06-30 19:31 - 2025-06-30 19:31 - 022866882 _____ (AI Helps) C:\Users\xmaxi\Downloads\BeautyProSetup_id694378.exe
2025-06-30 19:25 - 2025-07-01 00:11 - 000000000 ____D C:\Users\xmaxi\Downloads\New folder (22)
2025-06-30 14:18 - 2025-07-01 23:00 - 000204584 _____ C:\Users\xmaxi\Downloads\NETGUN_PTASHKA_OPENROCKET_MULTI_MOTOR_REVC.ork
2025-06-30 12:42 - 2025-06-30 12:42 - 002712647 _____ C:\Users\xmaxi\Downloads\EXPERIMENTAL INTERCEPTOR REV A.pdf
2025-06-29 22:25 - 2025-06-29 22:25 - 000015833 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu (5).xlsx
2025-06-29 22:23 - 2025-06-29 22:23 - 000015757 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu (4).xlsx
2025-06-29 22:21 - 2025-06-29 22:21 - 000015717 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu (3).xlsx
2025-06-29 21:50 - 2025-06-29 21:50 - 000013951 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu (2).xlsx
2025-06-29 21:47 - 2025-06-29 21:47 - 000013921 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu (1).xlsx
2025-06-28 14:51 - 2025-06-28 14:51 - 000503425 _____ C:\Users\xmaxi\Downloads\SkyDenex - civilian maritime shipping (2).pdf
2025-06-28 14:50 - 2025-06-28 14:50 - 001214442 _____ C:\Users\xmaxi\Downloads\SkyDenexPitchDeck.pdf
2025-06-28 14:40 - 2025-06-28 14:40 - 000011729 _____ C:\Users\xmaxi\Downloads\výpočet položek za hodinu.xlsx
2025-06-27 15:12 - 2025-06-27 15:12 - 000045371 _____ C:\Users\xmaxi\Downloads\WhatsApp Ptt 2025-06-24 at 19.13.48.ogg
2025-06-27 14:22 - 2025-06-27 14:22 - 000179512 _____ (Zoom Communications, Inc.) C:\Users\xmaxi\Downloads\Zoom_cm_fof5tnZ9vvrZo4_m9AC19zcsWtbj11UcMNOcMWJgyjpY5tCvTj7O@hFWVjNQ0wLRhlXpL_ka53ae880ef9a3ac2_.exe
2025-06-27 06:57 - 2025-06-27 06:57 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-06-26 23:15 - 2025-07-03 17:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-06-26 23:11 - 2025-06-26 23:11 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-06-26 23:11 - 2025-06-26 23:11 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-06-26 23:11 - 2025-06-26 23:11 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-26 23:11 - 2025-06-26 23:11 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-06-25 23:34 - 2025-06-26 00:14 - 000088900 _____ C:\Users\xmaxi\Downloads\Micro Missile Tube One Pager.pdf
2025-06-25 10:28 - 2025-06-25 10:28 - 008261663 _____ C:\Users\xmaxi\Downloads\SkyDenex - civilian maritime shipping.pptx
2025-06-25 10:28 - 2025-06-25 10:28 - 000503425 _____ C:\Users\xmaxi\Downloads\SkyDenex - civilian maritime shipping (1).pdf
2025-06-25 01:33 - 2025-06-25 01:33 - 000464720 _____ C:\Users\xmaxi\Downloads\SkyDenex - civilian maritime shipping.pdf
2025-06-25 00:23 - 2025-06-25 00:23 - 000030706 _____ C:\Users\xmaxi\Downloads\HireRight.pdf
2025-06-24 23:16 - 2025-06-24 23:16 - 000438099 _____ C:\Users\xmaxi\Downloads\Candidate One Pager - EMEA - March'25.pdf
2025-06-24 16:42 - 2025-06-24 16:43 - 000000000 ____D C:\Users\xmaxi\Downloads\New folder (21)
2025-06-24 10:04 - 2025-06-24 10:04 - 007341823 _____ C:\Users\xmaxi\Downloads\Rozbiehame globálnu realitnú revolúciu – prepájaním realitných kancelárií a budovaním komunít kupujúcich vytvárame synergie, ktoré robia trh otvorenejší, efektívnejší a dostupný naprieč hranicami..pdf
2025-06-24 00:50 - 2025-06-24 00:52 - 000126571 _____ C:\Users\xmaxi\Downloads\Employment Agreement - Pen Signature 2025-06-20.pdf
2025-06-23 21:03 - 2025-06-23 21:03 - 000560594 _____ C:\Users\xmaxi\Downloads\SkyDenex ReadDeck.pdf
2025-06-22 19:51 - 2025-06-22 19:51 - 049879720 _____ C:\Users\xmaxi\Downloads\SkyDenex - civilian energy grid.pptx
2025-06-21 23:27 - 2025-06-21 23:27 - 000007170 _____ C:\Users\xmaxi\Downloads\Read Deck_ Protecting Electrical Power Plants from.md
2025-06-21 19:38 - 2025-06-21 19:38 - 032692850 _____ C:\Users\xmaxi\Downloads\(AIAA Education) E. Fleeman - Tactical Missile Design, Second Edition-AIAA (2006).pdf
2025-06-21 14:33 - 2025-06-21 14:33 - 000852536 _____ C:\Users\xmaxi\Downloads\REV0.ork
2025-06-21 14:33 - 2025-06-21 14:33 - 000732796 _____ C:\Users\xmaxi\Downloads\REV1_ROCKET.FCStd
2025-06-21 14:33 - 2025-06-21 14:33 - 000732796 _____ C:\Users\xmaxi\Downloads\REV1_ROCKET (1).FCStd
2025-06-20 10:03 - 2025-06-20 10:05 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-06-20 10:03 - 2025-06-20 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-06-19 22:47 - 2025-06-19 22:47 - 022327185 _____ C:\Users\xmaxi\Downloads\H1K.pptx
2025-06-19 22:02 - 2025-06-19 22:02 - 000000011 _____ C:\Users\xmaxi\Downloads\heslo_renomia.txt
2025-06-18 22:23 - 2025-06-18 22:23 - 001016583 _____ C:\Users\xmaxi\Downloads\boarding-pass.pdf
2025-06-18 20:05 - 2025-06-18 20:05 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2025-06-18 20:05 - 2025-06-18 20:05 - 000002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL Settings.lnk
2025-06-18 20:04 - 2025-06-18 20:05 - 000000000 ____D C:\Program Files\WSL
2025-06-17 00:07 - 2025-06-17 00:07 - 000215468 _____ C:\Users\xmaxi\Downloads\Infineon-IRLML6344-DataSheet-v01_01-EN.pdf
2025-06-16 20:35 - 2025-06-16 20:35 - 000115736 _____ C:\Users\xmaxi\Downloads\Potvrzení schůzky  · Samoobslužný zákaznický portál.pdf
2025-06-16 20:05 - 2025-06-16 20:06 - 065700030 _____ C:\Users\xmaxi\Downloads\DH-LITE.pdf
2025-06-15 22:56 - 2025-06-17 16:42 - 000000000 ____D C:\Users\xmaxi\Downloads\New folder (20)
2025-06-15 21:33 - 2025-06-15 21:33 - 000188092 _____ C:\Users\xmaxi\Downloads\Програма Brave1.pdf
2025-06-13 15:39 - 2025-06-13 15:39 - 000655862 _____ C:\Users\xmaxi\Downloads\tnw2025_ticket_B1eNGKGw.pdf
2025-06-10 13:56 - 2025-06-10 14:02 - 000283114 _____ C:\Users\xmaxi\Downloads\Statement_RUS_Sanctions_0b20b787e7.pdf
2025-06-09 22:13 - 2025-06-09 22:13 - 005846291 _____ C:\Users\xmaxi\Downloads\Micro Missile Platform One Pager.pdf
2025-06-09 21:45 - 2025-06-09 21:45 - 000247027 _____ C:\Users\xmaxi\Downloads\one-pager (copied-document).pdf
2025-06-09 21:27 - 2025-06-09 21:27 - 003655427 _____ C:\Users\xmaxi\Downloads\missile.xcf
2025-06-09 20:12 - 2025-06-09 20:12 - 000738436 _____ C:\Users\xmaxi\Downloads\optoelectronic turret yask draft EN.pdf
2025-06-09 15:33 - 2025-06-09 15:33 - 005436245 _____ C:\Users\xmaxi\Downloads\NETGUN_PTASHKA_OPENROCKET_SINGLE_MOTOR_REVB_FILLED.stl
2025-06-09 15:33 - 2025-06-09 15:33 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\OpenRocket
2025-06-09 15:31 - 2025-06-09 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenRocket
2025-06-09 15:31 - 2025-06-09 15:31 - 000000000 ____D C:\Program Files\OpenRocket
2025-06-09 15:29 - 2025-06-09 15:30 - 118595688 _____ (OpenRocket) C:\Users\xmaxi\Downloads\OpenRocket-23.09-Windows.exe
2025-06-08 22:46 - 2025-07-03 00:03 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\hyperbeam
2025-06-08 22:45 - 2025-06-08 22:45 - 067911232 _____ (Hyperbeam, Inc.) C:\Users\xmaxi\Downloads\Hyperbeam Setup 0.21.0.exe
2025-06-08 22:45 - 2025-06-08 22:45 - 000002342 _____ C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hyperbeam.lnk
2025-06-08 22:45 - 2025-06-08 22:45 - 000002340 _____ C:\Users\xmaxi\OneDrive\Plocha\Hyperbeam.lnk
2025-06-08 22:45 - 2025-06-08 22:45 - 000000000 ____D C:\Users\xmaxi\AppData\Local\hyperbeam-updater
2025-06-08 18:44 - 2025-06-08 18:44 - 000000024 _____ C:\Users\xmaxi\Downloads\twilio_2FA_recovery_code.txt
2025-06-07 22:15 - 2025-06-07 22:19 - 000000576 _____ C:\Users\xmaxi\Downloads\realecon_new.txt
2025-06-07 20:56 - 2025-06-07 20:56 - 030181148 _____ C:\Users\xmaxi\Downloads\drive-download-20250607T185535Z-1-001 (2).zip
2025-06-07 20:55 - 2025-06-07 20:55 - 011539505 _____ C:\Users\xmaxi\Downloads\drive-download-20250607T185535Z-1-001.zip
2025-06-05 06:24 - 2025-06-05 06:24 - 000000000 ____D C:\Users\xmaxi\Downloads\drive-download-20250605T042334Z-1-001
2025-06-05 06:23 - 2025-06-05 06:23 - 051124908 _____ C:\Users\xmaxi\Downloads\drive-download-20250605T042334Z-1-001.zip
2025-06-04 10:21 - 2025-06-04 10:21 - 001465991 _____ C:\Users\xmaxi\Downloads\Presentation (1).pdf
2025-06-03 22:20 - 2025-06-03 22:20 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-06-03 09:00 - 2025-06-03 09:00 - 000044120 _____ C:\Users\xmaxi\Downloads\RE-2025-01403 (1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-03 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-03 18:01 - 2022-08-07 12:02 - 000000000 ____D C:\Users\xmaxi\AppData\Local\LogiOptionsPlus
2025-07-03 18:01 - 2022-03-27 21:05 - 000000000 ____D C:\Users\xmaxi\AppData\Local\D3DSCache
2025-07-03 17:59 - 2024-07-14 20:05 - 000001464 _____ C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2025-07-03 17:59 - 2024-07-14 20:05 - 000001462 _____ C:\Users\xmaxi\OneDrive\Plocha\Grammarly.lnk
2025-07-03 17:59 - 2024-07-14 20:05 - 000000000 ____D C:\Users\xmaxi\AppData\Local\Grammarly
2025-07-03 17:59 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-03 17:59 - 2024-01-07 22:34 - 000000000 ____D C:\Users\xmaxi\AppData\Local\Battle.net
2025-07-03 17:59 - 2022-08-08 20:33 - 000000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2025-07-03 17:57 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-03 17:55 - 2022-09-11 14:28 - 000000000 ____D C:\Program Files (x86)\Steam
2025-07-03 17:51 - 2024-06-07 11:47 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Notion Calendar
2025-07-03 17:50 - 2024-04-28 16:02 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Signal
2025-07-03 17:45 - 2024-12-29 20:27 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Cursor
2025-07-03 17:45 - 2022-07-30 18:56 - 000000000 ____D C:\Users\xmaxi\AppData\Local\CrashDumps
2025-07-03 17:40 - 2025-03-19 18:42 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cursor
2025-07-03 17:39 - 2025-05-17 12:01 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-07-03 17:39 - 2025-05-17 12:01 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-07-03 17:11 - 2022-03-27 20:33 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-03 17:06 - 2024-04-30 17:47 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Slack
2025-07-03 10:46 - 2022-03-27 20:29 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-03 10:36 - 2024-07-04 22:06 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Jabra Direct
2025-07-02 23:55 - 2022-08-07 12:09 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\discord
2025-07-02 23:54 - 2022-08-07 12:08 - 000000000 ____D C:\Users\xmaxi\AppData\Local\Discord
2025-07-02 23:51 - 2024-04-16 00:59 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Messenger
2025-07-02 23:51 - 2023-04-30 04:49 - 000000000 ___RD C:\Users\xmaxi\iCloudDrive
2025-07-02 23:51 - 2023-04-30 04:48 - 000000000 ___RD C:\Users\xmaxi\iCloudPhotos
2025-07-02 23:51 - 2022-03-28 17:40 - 000000000 ____D C:\Program Files\CCleaner
2025-07-02 23:50 - 2022-03-27 20:42 - 000000000 ___RD C:\Users\xmaxi\OneDrive
2025-07-02 23:49 - 2025-01-03 16:12 - 000000000 ____D C:\Users\xmaxi
2025-07-02 23:49 - 2024-03-24 23:42 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Notepad++
2025-07-02 23:43 - 2024-06-16 20:56 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\draw.io
2025-07-02 23:43 - 2022-08-07 12:09 - 000002290 _____ C:\Users\xmaxi\OneDrive\Plocha\Discord.lnk
2025-07-02 20:32 - 2023-10-31 20:27 - 000000000 ____D C:\Program Files\Microsoft Office
2025-07-02 17:18 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-02 17:09 - 2025-01-06 17:19 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-02 17:09 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-02 00:15 - 2025-01-29 03:43 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2571359450-2151739589-3148544484-1001
2025-07-02 00:15 - 2025-01-06 17:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571359450-2151739589-3148544484-1001
2025-07-02 00:15 - 2025-01-06 17:19 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571359450-2151739589-3148544484-1001
2025-07-02 00:15 - 2022-03-27 22:11 - 000002420 _____ C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-01 00:43 - 2024-04-27 19:32 - 000000000 ____D C:\Users\xmaxi\AppData\Local\babl-0.1
2025-07-01 00:42 - 2024-04-27 19:33 - 000000000 ____D C:\Users\xmaxi\AppData\Local\gtk-2.0
2025-07-01 00:11 - 2022-05-14 03:11 - 000000000 ____D C:\ProgramData\Zoner
2025-06-30 22:18 - 2025-01-06 17:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-30 18:57 - 2022-03-27 22:51 - 000002736 _____ C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-06-30 18:57 - 2022-03-27 22:51 - 000002711 _____ C:\Users\xmaxi\OneDrive\Plocha\Avast Secure Browser.lnk
2025-06-29 22:54 - 2024-05-17 10:04 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2025-06-29 22:51 - 2025-01-06 18:17 - 000007592 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-06-29 22:51 - 2025-01-06 17:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-29 22:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-06-29 22:51 - 2022-03-27 22:11 - 000012288 ___SH C:\DumpStack.log.tmp
2025-06-27 13:23 - 2024-07-04 01:05 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-27 13:16 - 2024-06-16 20:56 - 000000000 ____D C:\Program Files\draw.io
2025-06-27 06:59 - 2025-01-06 17:15 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-06-27 06:59 - 2024-04-01 09:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-06-27 06:58 - 2025-01-06 17:15 - 000481920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-06-27 06:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-06-27 06:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-06-27 06:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-06-27 06:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-06-27 06:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-06-27 06:57 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-06-27 06:56 - 2024-12-15 00:55 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Docker Desktop
2025-06-26 23:11 - 2025-01-06 17:18 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-06-26 22:53 - 2024-12-15 00:49 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Docker
2025-06-26 09:47 - 2025-01-06 17:19 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-06-26 00:45 - 2023-06-04 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-06-25 22:53 - 2024-12-15 00:55 - 000000000 ____D C:\Users\xmaxi\.docker
2025-06-22 17:33 - 2024-06-08 21:13 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Notion
2025-06-22 14:29 - 2024-05-24 08:30 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\RealtimeBoard
2025-06-21 12:53 - 2023-01-18 20:44 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\JabraSDK
2025-06-20 10:05 - 2025-03-05 15:21 - 000000000 ____D C:\Program Files\Logi
2025-06-18 19:45 - 2025-01-22 15:29 - 000000000 ____D C:\WINDOWS\Minidump
2025-06-18 19:45 - 2022-03-28 02:23 - 007669934 ____N C:\WINDOWS\Minidump\061825-22468-01.dmp
2025-06-17 13:08 - 2022-08-07 16:11 - 000000000 ____D C:\Users\xmaxi\.ssh
2025-06-17 11:52 - 2022-03-28 02:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-06-17 09:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-06-16 23:42 - 2022-03-27 20:33 - 000000000 ____D C:\ProgramData\Packages
2025-06-16 23:33 - 2022-03-27 21:06 - 000000000 ____D C:\Users\xmaxi\AppData\Local\PlaceholderTileLogoFolder
2025-06-16 23:33 - 2022-03-27 20:41 - 000000000 ____D C:\Users\xmaxi\AppData\Local\Packages
2025-06-15 14:46 - 2024-10-18 19:16 - 000000000 ____D C:\Users\xmaxi\.gk
2025-06-15 12:28 - 2022-09-18 20:41 - 000000189 _____ C:\Users\xmaxi\AppData\Roaming\.flutter_tool_state
2025-06-14 18:27 - 2022-03-28 02:23 - 004953216 ____N C:\WINDOWS\Minidump\061425-18781-01.dmp
2025-06-13 08:56 - 2025-01-06 17:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-06-13 08:56 - 2024-10-27 21:47 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2025-06-13 08:56 - 2022-10-12 19:16 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-06-11 22:24 - 2022-08-27 18:42 - 000003168 _____ C:\Users\xmaxi\OneDrive\Plocha\Proton Mail.lnk
2025-06-11 20:40 - 2024-04-30 17:47 - 000002248 _____ C:\Users\xmaxi\OneDrive\Plocha\Slack.lnk
2025-06-11 20:40 - 2024-04-30 17:47 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2025-06-11 20:40 - 2024-04-30 17:47 - 000000000 ____D C:\Users\xmaxi\AppData\Local\slack
2025-06-11 07:11 - 2024-12-22 21:33 - 134222904 _____ C:\WINDOWS\392667600.dat
2025-06-11 07:10 - 2024-12-14 20:51 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\pgadmin4
2025-06-11 07:10 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-06-11 07:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-06-11 00:24 - 2022-03-27 21:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-11 00:19 - 2022-03-27 21:46 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-06-10 23:09 - 2024-12-14 20:51 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\pgAdmin
2025-06-07 20:37 - 2025-06-01 05:47 - 000000000 ____D C:\Users\xmaxi\Downloads\New folder (19)
2025-06-05 09:22 - 2024-09-01 13:55 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\obs-studio
2025-06-03 23:46 - 2022-09-18 19:25 - 000000000 ____D C:\Users\xmaxi\AppData\Roaming\Kodi

==================== Files in the root of some directories ========

2024-12-14 20:40 - 2024-12-14 20:40 - 346849016 _____ (PostgreSQL Global Development Group) C:\Users\xmaxi\postgresql_17.exe
2022-09-18 20:41 - 2022-09-18 20:56 - 000000078 _____ () C:\Users\xmaxi\AppData\Roaming\.flutter
2022-09-18 20:41 - 2025-06-15 12:28 - 000000189 _____ () C:\Users\xmaxi\AppData\Roaming\.flutter_tool_state
2024-05-19 01:13 - 2024-05-19 01:14 - 000000128 _____ () C:\Users\xmaxi\AppData\Local\PUTTY.RND
2025-07-01 00:42 - 2025-07-01 00:42 - 000004805 _____ () C:\Users\xmaxi\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================