prosím o kontrolu. Děkuji
FRST
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2025
Ran by MartinKoščo (administrator) on KOSCO-LENOVO-NT (LENOVO 20NB0029MC) (14-03-2025 09:47:14)
Running from C:\Users\MartinKoščo\Desktop\FRST64.exe
Loaded Profiles: MSSQLSERVER
Platform: Microsoft Windows 11 Pro Version 24H2 26120.3380 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe <21>
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AI\ai.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.CropAndLock.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.PowerOCR.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.AdvancedPaste.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\MartinKoščo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_bddd75c806b28a5c\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bddd75c806b28a5c\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tposd.exe
(explorer.exe ->) (FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Yealink (Xiamen) Network Technology Co., Ltd. -> ) C:\Users\MartinKoščo\AppData\Roaming\Yealink\Yealink Wireless Presentation Pod\app\PresentationLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <25>
(services.exe ->) (Access Denied) [File not signed?] C:\Windows\System32\ApsInsMonSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (eWay System s.r.o. -> eWay System s.r.o.) C:\Program Files\eWay-CRM\UpdateService.exe
(services.exe ->) (FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bddd75c806b28a5c\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_677610f31eedc829\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d028eecaa2f7d439\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d028eecaa2f7d439\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_ece153ca769ec179\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Lenovo.) C:\Windows\System32\ApsInsSvc.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64U.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\SynaHelperService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25060.203.3471.1730_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.22094.0_x64__8wekyb3d8bbwe\onenoteim.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.289.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.0.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [2089968 2022-06-07] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe [23042336 2024-05-21] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196520 2024-10-28] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3952720 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\GenuineService.exe [3727136 2024-09-25] (Autodesk, Inc. -> Autodesk)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [Opera Browser Assistant] => C:\Users\MartinKoščo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-04-29] (Opera Software AS -> Opera Software)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [MicrosoftEdgeAutoLaunch_91DBBEFD3316A188D8C66985889F2F00] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4417576 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [888096 2024-04-15] (OpenVPN Inc. -> )
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.40\LenovoVantage.exe [25496 2024-08-13] (Lenovo -> Lenovo)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [Microsoft.Lists] => C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\Microsoft.SharePoint.exe [1029456 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Run: [StartLoad] => C:\Users\MartinKoščo\AppData\Roaming\Yealink\Yealink Wireless Presentation Pod\app\PresentationLauncher.exe [4565992 2025-03-13] (Yealink (Xiamen) Network Technology Co., Ltd. -> )
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [84783440 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\RunOnce: [Uninstall 25.031.0217.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\25.031.0217.0002" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Policies\Explorer: [DisableThumbnailCache] 0
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Policies\Explorer: []
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\...\MountPoints2: {078f5d66-ffeb-11ef-a3d9-5c879c1d07c6} - "D:\PresentationLauncher.exe"
HKLM\...\Windows x64\Print Processors\hpcpp120: C:\Windows\System32\spool\prtprocs\x64\hpcpp120.DLL [342016 2012-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp255: C:\Windows\System32\spool\prtprocs\x64\hpcpp255.dll [848384 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [308224 2018-11-14] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF 9 Port Monitor: C:\WINDOWS\system32\novamn9.dll [18944 2018-06-08] (Softland) [File not signed]
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.23.0.2.dll [974120 2023-12-11] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [196096 2023-12-11] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\130.0.6723.117\Installer\chrmstp.exe [2024-11-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\PLAP Providers: [{4fbb8b67-cf02-4982-a7a8-3dd06a2c2ebd}] -> C:\Program Files\OpenVPN\bin\libopenvpn_plap.dll [2024-04-15] (OpenVPN Inc. -> )
Startup: C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2021-05-12]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS-SVO\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC)
Startup: C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2024-07-07]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {5C394816-1B26-4A1D-87EC-8A9156F46235} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {D91BC140-C7B1-4B18-82B3-C24DF0EC0FB2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe)
Task: {A4F205A9-0E21-4869-9385-0E7F08F6EDBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {D28CDC49-3999-485F-8837-760E90C54EAB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {E865E6DC-F49F-455A-8667-51DBED582BF9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {1440321F-61EA-4629-A039-6CDE04D9BF73} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {E0A839F6-E5A7-4BF2-920E-F3698A5FD1CB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0c8fb1a6-3c94-4eb5-a780-12b5cea7915f" --version "6.33.0.11465" --silent
Task: {6B3B2FBE-A6A5-480B-B724-1581E028511C} - System32\Tasks\CCleanerSkipUAC - MartinKoščo => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1EF71431-20A8-4B0C-B846-C41A0F6D692E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [2902168 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {BB1F6650-E3E0-4B58-BE92-906A9F73ABA2} - System32\Tasks\Driver Booster SkipUAC (MartinKoščo) => "C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe" /skipuac (No File)
Task: {CD613FC6-B8B8-4209-BE18-3A56DBAAB3D5} - System32\Tasks\Easy Connection to Screen => C:\Program Files\Samsung\Easy Connection to Screen\Ui.exe --hide (No File)
Task: {42F3AF01-B098-4B89-A96A-5B0F255B75D6} - System32\Tasks\eWay-CRM => C:\Program Files\eWay-CRM\eWayAgent.exe [68480 2025-01-16] (eWay System s.r.o. -> eWay System s.r.o.)
Task: {A5981469-F4E3-403C-97D5-907947B49C8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-22] (Google LLC -> Google LLC)
Task: {53D6BB38-9BD9-49A1-A8D8-B2CB6B759268} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-22] (Google LLC -> Google LLC)
Task: {9925D8FA-B1E8-48B9-AF35-8630B266EC7E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {3AA58C10-7D0A-4FDB-AFB9-2BF506DDC65B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5137472 2023-10-16] (Intel Corporation -> Intel Corporation)
Task: {1535BDE4-17AC-4A71-A0C4-1263484DD047} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {76BFC980-D782-44BB-A87C-4E97A24711AA} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe -PnPTask (No File)
Task: {4A82EFA3-0943-44B3-AD1C-0A1434D0A27F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {9E86620F-80E5-474A-BC72-B5319770CC1B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2024-04-01] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {6D1B93B4-2557-45D6-8872-7B3B23556A2E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [110592 2024-04-01] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {594C6355-86FC-4A22-8521-50287B443838} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\84510283-8441-4e68-b75c-81fe138ee540 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {80A8344E-A94A-4372-8A4A-6E63184F8FCB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8feaac2b-2458-479e-ada1-cb5cf32b6f4a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {02F3295E-1077-4723-8959-87707C2C915B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\955d3b69-d6d6-415c-819c-b74d20be6b9c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {EF56976C-7A78-4F5E-AF49-EBB82544736E} - System32\Tasks\Lenovo\Lenovo ITS PnP Task => C:\WINDOWS\System32\LITSSvc.exe -PnPTask (No File)
Task: {914A751F-FBF5-4470-994A-66F1ED5C586E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-12-1-2416705766-1142710785-2529361033-311585214 => C:\Users\MartinKoščo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {1ECB8A97-0B0A-43E3-8240-7B31129A5145} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-26] (Lenovo -> Lenovo)
Task: {AC458BED-8728-4E72-8751-E44E8D0F2A94} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-16] (Lenovo -> )
Task: {1876939F-D36D-436F-9444-B0E83369599F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2024-04-01] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {49DD72FE-54E5-458F-871F-8CBB264241D1} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {1E57F74D-BB84-423D-8CC1-D8031C8099D8} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {4D4D90DD-57A4-44C6-9D5A-3CD9CB1D3615} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {BFC09A30-01D4-4538-8776-3FB5DCE60B2C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {D5DDFF66-091E-4E33-AEFB-6F6DBEC01C6F} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.HardwareScan.SScan => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {D252AD31-8B62-483D-A135-1B21D4E3E1C9} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {75B3AEB2-95B1-4E0D-93FC-EF040949446E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {FB5CECC6-FFD9-4BA0-9786-0BB53DEC545A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {3051D661-2E16-4431-8A08-972695E5D1D4} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {950F9EF7-EB2A-4B60-8ED7-864C45F093B1} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {D534A911-1CB7-4A86-984C-6D3DE1DCF537} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.190\x64\IdleScheduleEventAction.exe [143768 2025-01-17] (Lenovo -> )
Task: {A4DED43F-252C-48D3-9816-AF051543FBF0} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-20] (Lenovo -> Lenovo)
Task: {C4F1725F-FE49-4280-99E0-FAF3446DDAD4} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {3EC4739A-93D0-4DCC-85A3-7DB043499983} - System32\Tasks\McAfee\DAD.Execute.Updates => "C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.111\DADUpdater.exe" (No File)
Task: {2CD31ABE-923A-4881-A6DF-47E81CC68804} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314456 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2968F07-194F-417F-8608-AE8E844D7175} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314456 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0028563-1A1F-4BA5-87A4-CFB82DACBF2C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895416 2025-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E7CF207-EC3F-44BD-BB09-E47AA54EB3BD} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [67280 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {46ED1F30-AC89-484B-8B74-95D14EF00B2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895416 2025-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCA3B7B5-F244-4490-8D27-153AAE4F3D5D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314456 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BE4FF2B-0884-496E-9F81-761BEC385E20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314456 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBAEC7D0-995C-4233-8992-036B9D4BD488} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [197256 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {662850E2-86F0-41B1-99A0-D5CFB80857DE} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {B145538D-D814-444D-91DD-91DB2E001361} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (No File)
Task: {5465943A-C518-42BA-A582-E926CF144AB7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {A091EE2D-B87F-45D4-B56E-8D7C3A6B230D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {DD89C567-BAF2-4411-B920-13DFC1A096B4} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\InitialConfiguration => {709FD5EF-7296-4154-BD3A-E9830FCFA60A} C:\WINDOWS\system32\ShellConfigTask.dll [229376 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {D3EB9660-1D6B-4BFD-8864-BBACF8ACD105} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration => {0BE6820D-B667-4CB6-931B-C153A77DA895} C:\WINDOWS\system32\ShellConfigTask.dll [229376 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {F8BFCB79-082E-4DB6-A6C3-E94F73786337} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {78E85BFC-EF83-49DF-ADA7-9CF5D57B5FA8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {98C010CC-5BE3-4668-BBD0-90176112C767} - System32\Tasks\Mozilla\Firefox Background Update S-1-12-1-2416705766-1142710785-2529361033-311585214 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-12] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {0CACAFB1-397C-4EA6-A536-C178B6404E6B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {898BA603-9B40-413F-AD27-DE8B3F96A6EE} - System32\Tasks\OneDrive Startup Task-S-1-12-1-2416705766-1142710785-2529361033-311585214 => C:\Users\MartinKoščo\AppData\Local\Microsoft\OneDrive\25.035.0223.0003\OneDriveLauncher.exe [670528 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E8E8920-AA3D-4C47-97D5-117191EE62DD} - System32\Tasks\Opera scheduled assistant Autoupdate 1582721347 => C:\Users\MartinKoščo\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\MartinKoščo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CA9C38A7-7EC2-4E90-A3D8-79767C98ACAC} - System32\Tasks\Opera scheduled Autoupdate 1581009370 => C:\Users\MartinKoščo\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5645720 2025-02-28] (Opera Norway AS -> Opera Software)
Task: {0AB41089-D029-4633-845C-60E4331D93B2} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2307520 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
Task: {E00982FE-60CC-438F-90A6-7AC14293DE7A} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2307520 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
Task: {0EF36AA6-B5EB-4498-9583-A0EBAE15DB98} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3480000 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
Task: {FD4D37FE-2EFE-4040-844B-DAE9A5A8B00C} - System32\Tasks\PowerToys\Autorun for MartinKoščo => C:\Program Files\PowerToys\PowerToys.exe [1180704 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA266A86-D1AF-4E27-AEA0-27CACF689058} - System32\Tasks\StartAllBack Update => C:\Program Files\StartAllBack\UpdateCheck.exe [49888 2025-02-11] (IP Zinukhov Stanislav Igorevich -> www.startisback.com)
Task: {2FDFE435-E892-4348-AEAE-18714A78E6AC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {45DEE5C7-C5A0-431C-B44C-969F854B7429} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {910DFEC1-FEDC-4A70-8DBE-C77E8A0B8485} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {74187E4B-C21B-42BD-BD83-35ECBFF24D48} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {91F23EE8-90AB-451F-90C9-9A9205A6011C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2025-02-24] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 81.200.55.222 81.200.55.223
Tcpip\..\Interfaces\{6f88ef3a-465a-4e1c-81fa-a8cebae8eada}: [DhcpNameServer] 192.168.1.1 81.200.55.222 81.200.55.223
Tcpip\..\Interfaces\{6f88ef3a-465a-4e1c-81fa-a8cebae8eada}\75966496F546F6D616: [DhcpNameServer] 192.168.19.29
Tcpip\..\Interfaces\{6f88ef3a-465a-4e1c-81fa-a8cebae8eada}\75966696F5B4163656E6B616: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e552cc9b-580b-4ae7-8576-1bb2cdabcc54}: [DhcpNameServer] 192.168.1.1 81.200.55.222 81.200.55.223
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\MartinKoščo\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\MartinKoščo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\MartinKoščo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-08-26]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF DefaultProfile: idrerpkz.default
FF ProfilePath: C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\idrerpkz.default [2023-02-28]
FF user.js: detected! => C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\idrerpkz.default\user.js [2023-03-16]
FF ProfilePath: C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release [2025-03-14]
FF user.js: detected! => C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\user.js [2023-03-16]
FF Session Restore: Mozilla\Firefox\Profiles\bkwx44c2.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\bkwx44c2.default-release -> hxxps://mail.google.com; hxxps://meet.google.com
FF Extension: (Facebook Container) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\@contain-facebook.xpi [2023-07-21]
FF Extension: (AdBlocker Ultimate) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-17]
FF Extension: (Dark Reader) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\addon@darkreader.org.xpi [2025-03-03]
FF Extension: (Enhancer for YouTube™) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2024-12-03]
FF Extension: (Hamty.cz doplněk) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\Hamty.cz@Hamty.cz.xpi [2025-02-18]
FF Extension: (To Google Translate) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23]
FF Extension: (Decentraleyes) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2024-12-06]
FF Extension: (Privacy Badger) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-03-14]
FF Extension: (AdBlocker for YouTube™) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2024-11-22]
FF Extension: (AI Grammar Checker & Paraphraser – LanguageTool) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2025-01-15]
FF Extension: (SoundFixer) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\soundfixer@unrelenting.technology.xpi [2024-11-27]
FF Extension: (uBlock Origin) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-01-20]
FF Extension: (Pinned WhatsApp Web) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2021-06-29]
FF Extension: (Social Video Downloader) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{00e68183-fc7d-4a91-b5cc-f7f8272386db}.xpi [2025-02-18]
FF Extension: (YouTube NonStop) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi [2024-11-27]
FF Extension: (Youtube to MP3 Converter - YTMP3.EU) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{2eded70b-8e41-4c8a-8067-771da68fe474}.xpi [2025-02-18]
FF Extension: (YouTube™ No Buffer - Stop Auto-playing) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{551f032e-353d-4d10-b186-b0026b1a666d}.xpi [2023-11-20]
FF Extension: (NoScript) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2025-01-03]
FF Extension: (Return YouTube Dislike) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2024-11-27]
FF Extension: (Distill Web Monitor) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{7a73dc4b-1b38-40e7-ac56-7d356dd4af34}.xpi [2023-08-14]
FF Extension: (SpeedUp: Netflix, Prime videos) - C:\Users\MartinKoščo\AppData\Roaming\Mozilla\Firefox\Profiles\bkwx44c2.default-release\Extensions\{c2d283ab-0818-4f11-a7a6-fb84c332cb61}.xpi [2023-04-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-02-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2012-01-12] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-16] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-03-14]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default [2025-03-12]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.tipsport.cz
CHR Extension: (uBlock Origin) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-01-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Axiom Browser Automation & Web Scraping) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgamigjcbffkaiciiepndmonbfdimbb [2025-01-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-07]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MartinKoščo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-25]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-12-1-2416705766-1142710785-2529361033-311585214\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
S3 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18184984 2024-11-20] (Autodesk, Inc. -> Autodesk)
R3 ApsInsMonitorSvc; C:\WINDOWS\system32\ApsInsMonSvc.exe [27624 2025-03-14] (Access Denied) [File not signed?]
R2 ApsInsSvc; C:\WINDOWS\System32\ApsInsSvc.exe [187768 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo.)
S3 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [13773600 2024-07-26] (Autodesk, Inc. -> Autodesk, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768944 2025-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [94496 2022-03-29] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\WINDOWS\System32\CxAudMsg64.exe [244512 2022-03-29] (Synaptics Incorporated -> Conexant Systems Inc.)
S2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [123144 2022-03-29] (Synaptics Incorporated -> Conexant Systems, Inc.)
S3 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_a8d0f03c50a0e3df\DAX3API.exe [2295320 2022-09-28] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2025-02-19] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2025-02-19] (Intel Corporation -> Intel)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5563760 2024-10-28] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-28] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-10-28] (ESET, spol. s r.o. -> ESET)
R2 eWayUpdateService; C:\Program Files\eWay-CRM\UpdateService.exe [58240 2025-01-16] (eWay System s.r.o. -> eWay System s.r.o.)
S4 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [846816 2022-06-07] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-06] (HP Inc. -> HP Inc.)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe [1037168 2024-10-14] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2352368 2022-05-16] (Lenovo -> Lenovo Group Limited)
S4 LenovoBrightCtrl; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\BrightnessControl.exe [160080 2024-07-29] (Lenovo -> Lenovo.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe [34768 2025-02-20] (Lenovo -> Lenovo)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\LITSSvc.exe [1099592 2024-07-29] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\LPlatSvc.exe [916344 2024-10-14] (Lenovo -> Lenovo)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [52664 2018-06-08] (Softland SRL -> Microsoft)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2024-04-15] (OpenVPN Inc. -> The OpenVPN project)
S3 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [65312 2024-04-15] (OpenVPN Inc. -> The OpenVPN Project)
S3 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [22217608 2025-02-28] (Logitech Inc -> Logitech, Inc.)
S3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3213248 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414144 2023-10-20] (pdfforge GmbH -> pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15250864 2024-04-12] (ADLICE -> )
R2 SECOMNUService; C:\WINDOWS\System32\SECOMN64U.exe [596816 2021-10-22] (Sound Research Corporation -> Sound Research, Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559312 2025-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 SynaHlp; C:\WINDOWS\System32\SynaHelperService.exe [255984 2021-12-29] (Synaptics Incorporated -> Synaptics Incorporated.)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21819184 2025-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [281160 2022-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\MartinKoščo\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [113880 2024-05-10] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [176032 2019-06-12] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R0 bhtsddr; C:\WINDOWS\System32\drivers\bhtsddr.sys [175336 2022-05-09] (BayHub Technology Inc. -> BayHubTech)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [220520 2024-10-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2024-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [268568 2024-10-28] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [57872 2024-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [87784 2024-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [128552 2024-10-28] (ESET, spol. s r.o. -> ESET)
S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [27688 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2020-05-11] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [47144 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157536 2020-05-11] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [83512 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [121384 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [64224 2020-05-11] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70368 2020-05-11] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmdrv.sys [56696 2024-10-14] (Lenovo -> Lenovo)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [91584 2024-04-14] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\pmdrvs.sys [42336 2024-10-14] (Lenovo -> Lenovo)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2020-05-11] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (USBHostDriver(Test003) -> QUALCOMM Incorporated)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
R0 Shockprf; C:\WINDOWS\System32\drivers\ApsX64.sys [156536 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo.)
S3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2019-07-08] (Symantec Corporation -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41000 2024-04-18] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_7c72bd5d8dfdb374\ThermalFilter.sys [75376 2025-03-11] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 tmwbulk; C:\WINDOWS\System32\Drivers\tmwbulk.sys [381984 2021-03-24] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2021. All rights reserved.)
R0 TPDIGIMN; C:\WINDOWS\System32\drivers\ApsHM64.sys [29048 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_86709438665da200\wini3ctarget.sys [75208 2025-03-11] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2023-10-04] (WireGuard LLC -> WireGuard LLC)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-02-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 09:44 - 2025-03-14 09:44 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-12-1-2416705766-1142710785-2529361033-311585214
2025-03-14 09:44 - 2025-03-14 09:44 - 000002414 _____ C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 09:43 - 2025-03-14 09:43 - 002834160 _____ (Malwarebytes) C:\Users\MartinKoščo\Downloads\MBSetup.exe
2025-03-14 09:38 - 2025-03-14 09:38 - 002404352 _____ (Farbar) C:\Users\MartinKoščo\Desktop\FRST64.exe
2025-03-14 09:37 - 2025-03-14 09:37 - 000388608 _____ (Trend Micro Inc.) C:\Users\MartinKoščo\Desktop\hijackthis.exe
2025-03-14 08:23 - 2025-03-14 08:23 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-14 08:23 - 2025-03-14 08:23 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-14 08:08 - 2025-03-14 08:08 - 000813588 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-14 08:08 - 2025-03-14 08:08 - 000192810 _____ C:\WINDOWS\system32\perfc005.dat
2025-03-14 08:04 - 2025-03-14 08:04 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2025-03-14 08:04 - 2025-03-14 08:04 - 000003102 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-03-14 08:03 - 2025-03-14 08:03 - 000027624 _____ C:\WINDOWS\system32\ApsInsMonSvc.exe
2025-03-13 10:16 - 2025-03-13 10:16 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\Yealink
2025-03-12 21:00 - 2025-03-12 21:00 - 000123357 _____ C:\Users\MartinKoščo\Downloads\readme_cz.pdf
2025-03-12 20:59 - 2025-03-12 21:00 - 004927659 _____ C:\Users\MartinKoščo\Downloads\DATA_3ZZH5.zip
2025-03-12 20:55 - 2025-03-12 20:55 - 018141728 _____ (< Genevo s.r.o. >) C:\Users\MartinKoščo\Downloads\Genevo-Universal-Updater-20250312.exe
2025-03-12 11:07 - 2025-03-13 10:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-11 16:56 - 2025-03-11 16:56 - 003944060 _____ C:\Users\MartinKoščo\Downloads\zaverecna_prace.pdf
2025-03-11 12:52 - 2025-03-11 12:53 - 001255068 _____ C:\Users\MartinKoščo\Documents\cc_20250311_125254.reg
2025-03-11 12:49 - 2025-03-11 12:49 - 000000000 ____D C:\WINDOWS\Panther
2025-03-11 12:38 - 2025-03-11 12:38 - 050630656 _____ C:\WINDOWS\system32\hkcubackup.hiv
2025-03-11 12:25 - 2025-03-11 12:25 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-03-11 08:50 - 2025-03-14 08:04 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-11 08:44 - 2025-03-11 08:44 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-11 08:44 - 2025-03-11 08:44 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-11 08:13 - 2025-03-11 08:13 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-07 13:01 - 2025-03-11 12:53 - 000003648 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1581009370
2025-03-07 13:01 - 2025-03-07 13:01 - 000001423 _____ C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-02-28 12:00 - 2025-02-28 12:00 - 000000000 ____D C:\Program Files\Logi
2025-02-28 11:59 - 2025-02-28 12:00 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2025-02-28 11:59 - 2025-02-28 11:59 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2025-02-28 11:59 - 2025-02-28 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-02-28 11:04 - 2025-02-28 11:04 - 012969473 _____ C:\Users\MartinKoščo\Downloads\placemaker-v3.3.3.rbz
2025-02-27 11:56 - 2025-02-27 11:56 - 000000000 ____D C:\ProgramData\SketchPlus
2025-02-27 11:49 - 2025-02-27 11:49 - 001984801 _____ C:\Users\MartinKoščo\Desktop\MANUETA - sklad_20250127.dwg
2025-02-27 11:16 - 2025-02-27 11:16 - 000001156 _____ C:\Users\Public\Desktop\LayOut 2025.lnk
2025-02-27 11:16 - 2025-02-27 11:16 - 000000876 _____ C:\Users\Public\Desktop\SketchUp 2025.lnk
2025-02-27 11:16 - 2025-02-27 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2025
2025-02-27 10:00 - 2025-03-11 12:54 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-27 10:00 - 2025-02-27 10:00 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-02-27 10:00 - 2025-02-27 10:00 - 000002070 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-02-25 18:10 - 2025-02-25 18:10 - 000001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2025-02-25 13:57 - 2025-03-11 12:39 - 000000000 ____D C:\Users\MartinKoščo\Downloads\OneDrive_2025-02-25(1)
2025-02-24 12:10 - 2025-02-24 12:10 - 000005137 _____ C:\Users\MartinKoščo\Downloads\Webinar_ Touchless Demand Forecasting.ics
2025-02-17 17:24 - 2025-02-17 17:24 - 000002358 _____ C:\Users\MartinKoščo\Downloads\Logicon.rdp
2025-02-17 17:24 - 2025-02-17 17:24 - 000002358 _____ C:\Users\MartinKoščo\Downloads\Logicon(1).rdp
2025-02-17 14:17 - 2025-02-17 14:17 - 000012890 _____ C:\Users\MartinKoščo\Documents\MANUTEA - 022024 docházka k 14.2.2025.xlsx
2025-02-14 08:16 - 2025-02-14 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BIMTech Tools
2025-02-14 08:16 - 2025-02-14 08:16 - 000000000 ____D C:\Program Files\BIM Technology
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 09:48 - 2024-04-18 20:22 - 000063893 _____ C:\Users\MartinKoščo\Desktop\FRST.txt
2025-03-14 09:48 - 2023-10-06 13:43 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\CrashDumps
2025-03-14 09:47 - 2024-04-18 20:21 - 000000000 ____D C:\FRST
2025-03-14 09:44 - 2025-02-04 16:33 - 000003618 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-12-1-2416705766-1142710785-2529361033-311585214
2025-03-14 09:44 - 2025-02-04 16:33 - 000003612 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-12-1-2416705766-1142710785-2529361033-311585214
2025-03-14 09:44 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-14 09:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-14 09:44 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-14 09:44 - 2023-09-12 13:44 - 000000000 ___RD C:\Users\MartinKoščo\PHARMOS, a.s
2025-03-14 09:44 - 2023-09-12 13:43 - 000000000 ___RD C:\Users\MartinKoščo\OneDrive - LOGICON Partner, s.r.o
2025-03-14 09:44 - 2023-09-12 13:43 - 000000000 ___RD C:\Users\MartinKoščo\LOGICON Partner, s.r.o
2025-03-14 09:44 - 2023-09-12 13:41 - 000000000 ___RD C:\Users\MartinKoščo\OneDrive
2025-03-14 09:43 - 2024-04-18 20:30 - 000126520 _____ C:\Users\MartinKoščo\Desktop\Addition.txt
2025-03-14 09:40 - 2020-01-20 00:15 - 000802816 _____ C:\Users\MartinKoščo\eWay_mkosco_4b912fbc_log.ldf
2025-03-14 09:35 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-14 09:32 - 2020-01-19 21:35 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Excel
2025-03-14 08:14 - 2022-02-09 14:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-14 08:11 - 2020-01-20 00:15 - 639565824 _____ C:\Users\MartinKoščo\eWay_mkosco_4b912fbc.mdf
2025-03-14 08:08 - 2025-02-04 16:32 - 001974570 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-14 08:08 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-14 08:07 - 2020-06-15 07:33 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-14 08:04 - 2025-02-04 16:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2025-03-14 08:04 - 2025-02-04 16:29 - 000005548 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-14 08:04 - 2020-06-17 09:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2025-03-14 08:04 - 2020-01-20 11:59 - 000000000 ____D C:\ProgramData\Packages
2025-03-14 08:04 - 2020-01-20 11:56 - 000000000 __SHD C:\Users\MartinKoščo\IntelGraphicsProfiles
2025-03-14 08:04 - 2020-01-20 11:56 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\Packages
2025-03-14 08:03 - 2025-02-04 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-14 08:03 - 2024-10-07 19:30 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-14 08:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-14 08:03 - 2019-08-11 01:18 - 000000000 ____D C:\Intel
2025-03-13 11:57 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-03-13 11:57 - 2019-08-11 01:24 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-03-13 11:56 - 2020-01-20 07:54 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\Microsoft\PowerPoint
2025-03-13 11:15 - 2025-02-04 16:33 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-03-13 10:10 - 2020-01-20 12:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-13 06:23 - 2025-02-04 16:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-12 20:23 - 2020-01-20 12:23 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\D3DSCache
2025-03-12 18:27 - 2025-02-04 16:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-12 18:27 - 2020-01-20 12:07 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-12 11:06 - 2024-03-28 10:55 - 002897472 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-03-12 11:06 - 2024-03-28 10:55 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-03-12 11:06 - 2024-03-28 10:55 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-03-12 11:06 - 2024-03-28 10:55 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-03-12 11:06 - 2020-01-19 21:36 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Word
2025-03-12 11:05 - 2024-03-28 10:55 - 000267816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-03-12 11:05 - 2024-03-28 10:55 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-03-11 19:17 - 2020-04-06 11:11 - 000002454 ____H C:\Users\MartinKoščo\Documents\Default.rdp
2025-03-11 15:25 - 2024-04-18 20:34 - 000000000 ____D C:\Program Files\CCleaner
2025-03-11 12:57 - 2025-02-04 16:25 - 001034208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-11 12:54 - 2025-02-04 16:33 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-11 12:54 - 2025-02-04 16:33 - 000003404 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-11 12:50 - 2023-11-27 08:33 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\LogiOptionsPlus
2025-03-11 12:49 - 2024-04-18 20:31 - 000000000 ____D C:\Program Files\TeamViewer
2025-03-11 12:48 - 2025-02-04 16:25 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-11 12:25 - 2024-04-01 17:31 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-11 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-11 08:11 - 2020-01-20 12:14 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-10 09:09 - 2022-02-04 08:05 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\AMD_Common
2025-03-08 10:51 - 2023-11-27 08:33 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\logioptionsplus
2025-03-06 09:58 - 2023-07-17 08:41 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-03-04 09:28 - 2020-04-07 09:15 - 000000000 ____D C:\Program Files (x86)\Intel
2025-03-04 09:27 - 2020-04-07 09:15 - 000000000 ____D C:\Program Files\Intel
2025-03-04 09:27 - 2019-08-11 01:03 - 000000000 ____D C:\ProgramData\Package Cache
2025-03-03 18:11 - 2020-03-24 13:47 - 000000000 ____D C:\WINDOWS\TempInst
2025-03-03 12:17 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-03 11:59 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-03 11:59 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-03 11:59 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-03 11:59 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-03 11:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-03 11:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-03 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-03-02 15:14 - 2025-02-04 16:28 - 003345920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-27 11:49 - 2023-08-17 08:36 - 000000000 _____ C:\Users\MartinKoščo\Desktop\Audit report.txt
2025-02-27 11:19 - 2021-08-19 11:51 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\SketchUp
2025-02-27 11:19 - 2021-08-19 11:51 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\SketchUp
2025-02-27 11:17 - 2019-08-11 01:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-02-27 11:15 - 2021-08-19 11:45 - 000000000 ____D C:\ProgramData\SketchUp
2025-02-27 11:15 - 2021-08-19 11:45 - 000000000 ____D C:\Program Files\SketchUp
2025-02-27 11:14 - 2020-12-02 09:04 - 000000000 ____D C:\Users\MartinKoščo\AppData\Local\Downloaded Installations
2025-02-24 09:34 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-24 09:33 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-02-18 13:59 - 2025-01-30 14:24 - 000000000 ____D C:\LOGICON
2025-02-18 12:51 - 2025-02-10 21:00 - 000000000 ____D C:\Users\MartinKoščo\Downloads\zasilka-RHXPH5Z54WZXDEFH
2025-02-18 12:51 - 2025-02-05 17:23 - 000000000 ____D C:\Users\MartinKoščo\Downloads\Autocom 2021.11 Cars & Truck
2025-02-18 12:51 - 2022-09-12 07:10 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\MPC-HC
2025-02-18 12:51 - 2020-01-20 12:25 - 000000000 ____D C:\Users\MartinKoščo\AppData\Roaming\Microsoft\Office
2025-02-17 12:06 - 2025-02-04 15:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-02-17 12:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-02-17 12:06 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-02-17 12:04 - 2025-02-04 15:46 - 000000000 ____D C:\Users\MartinKoščo
2025-02-17 08:21 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-02-17 08:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-02-14 08:16 - 2020-09-18 07:15 - 000000000 ____D C:\ProgramData\BIMTech
2025-02-13 18:23 - 2025-01-09 19:06 - 000000000 ____D C:\Users\MartinKoščo\Downloads\Photos-001
2025-02-13 16:53 - 2023-06-05 10:25 - 000000000 ____D C:\Program Files (x86)\BIMTECH
2025-02-13 12:20 - 2020-01-19 22:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-13 12:13 - 2020-01-19 22:01 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2021-05-21 08:58 - 2021-05-21 08:58 - 000052341 _____ () C:\Users\MartinKoščo\AppData\Roaming\Hodnoty oddělené čárkami.ADR
2024-03-04 15:14 - 2024-03-04 15:14 - 000003584 _____ () C:\Users\MartinKoščo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-04-06 09:30 - 2020-04-06 09:40 - 000002611 _____ () C:\Users\MartinKoščo\AppData\Local\krita-sysinfo.log
2020-04-06 09:30 - 2020-04-06 09:48 - 000005692 _____ () C:\Users\MartinKoščo\AppData\Local\krita.log
2020-04-06 09:48 - 2020-04-06 09:48 - 000000039 _____ () C:\Users\MartinKoščo\AppData\Local\kritadisplayrc
2020-04-06 09:30 - 2020-04-06 09:48 - 000016985 _____ () C:\Users\MartinKoščo\AppData\Local\kritarc
2023-08-21 11:24 - 2023-08-21 11:24 - 000000867 _____ () C:\Users\MartinKoščo\AppData\Local\recently-used.xbel
2023-02-28 10:35 - 2023-02-28 10:35 - 000007602 _____ () C:\Users\MartinKoščo\AppData\Local\Resmon.ResmonCfg
2025-02-05 17:32 - 2025-02-05 17:32 - 000000032 _____ () C:\Users\MartinKoščo\AppData\Local\SqlCe35_1_netFramework3.5.2.1.dll_temp
2021-02-16 12:04 - 2021-07-14 07:50 - 000028994 _____ () C:\Users\MartinKoščo\AppData\Local\Temptnodlogo.png
==================== FLock ==============================
2025-03-14 08:03 C:\WINDOWS\system32\ApsInsMonSvc.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Přispějete na provoz fóra?