converze vsech word do pdf, sama
Napsal: 07 čer 2025 20:37
Zdravim, zrejme nejaky malware...? prevedli se mi skoro vsechny wrod docs do pdf.
Log frst
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by Köket (administrator) on DESKTOP-MDT6U91 (LENOVO 20FR004PMS) (07-06-2025 21:27:28)
Running from C:\Users\Köket\OneDrive\Desktop\FRST64.exe
Loaded Profiles: Köket
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5854 (X64) Language: Swedish (Sweden) -> English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.13\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.92\msedgewebview2.exe <26>
(C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe ->) (Dexcom Inc. -> Dexcom Inc.) C:\Program Files (x86)\Dexcom\Uploader\Dexcom.Agent.Uploader.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe <5>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.091.0512.0001\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(Grammarly, Inc. -> Grammarly) C:\Users\Köket\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dexcom\Updater\Dexcom.Agent.UpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Get Aura Inc -> AnchorFree Inc.) C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2522.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.091.0512.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088224 2025-06-04] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [501424 2025-03-20] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126328160 2021-11-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DexcomUploader] => C:\Program Files (x86)\Dexcom\Uploader\Dexcom.Agent.Uploader.exe [575216 2023-12-26] (Dexcom Inc. -> Dexcom Inc.)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4967240 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6362D3D1E2D51B3BDF317BAE5AD01E8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4141096 2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Köket\AppData\Local\Microsoft\Teams\Update.exe [2593968 2024-06-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.091.0512.0001\Microsoft.SharePoint.exe [1004352 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41352088 2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Grammarly] => C:\Users\Köket\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [272472 2025-06-05] (Grammarly, Inc. -> Grammarly)
HKLM\...\Windows x64\Print Processors\shj2mPC: C:\Windows\System32\spool\prtprocs\x64\shj2mpc.dll [91216 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON SX440 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMHBE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\shj2m Langmon: C:\WINDOWS\system32\shj2mlm.dll [70224 2022-01-24] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.69\Installer\chrmstp.exe [2025-06-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-10-08]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {85F7A81F-76A9-4706-8D77-2CCCFD88F9B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {27B06E57-94D2-4DCF-8147-8CE2C777E4C1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.13\WatchDog.exe [1158440 2025-05-12] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.13\repair
Task: {99004331-4D1C-4D7B-A6C8-326FA51CA646} - System32\Tasks\EPM Preload => C:\Program Files (x86)\HP\Easy Printer Manager\EPM2DotNetHandler.exe [1339256 2021-12-16] (HP Inc. -> )
Task: {F045DD90-F789-4EF1-A83B-31D66DA09031} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{ADB5CDC1-6556-4508-8B6C-240B860D479A} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {E03A1412-1900-413B-8E6B-4CDD0F993169} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\Windows\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {D7089E66-FE9E-4F1F-8BF9-10A3FA100C69} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-26] (Lenovo -> Lenovo)
Task: {02739049-40A4-463D-AAB3-0A871F1CE921} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {7667728B-EAB3-4502-83D6-49BADE6F6234} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE4E5D96-FBD9-4EED-8BDA-74CB2C20F948} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68312 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ECA976B-1C31-449D-AC9B-9B16040D068E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C585DD47-F736-44DC-8652-53257D60D002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB7D9425-ADD5-4738-B84F-60D8541A7FC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {73974384-6679-47AE-9D46-2FBADDB49C59} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [225992 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A503D9FD-7AEB-4533-97F7-422FB5132300} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4548528 2025-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {50BA8B71-9837-43C6-A13D-B57EF9F1B436} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {58994E70-E8D7-493E-BD25-BA9884F41788} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {97652850-4FAB-41E8-9987-FE5D15918F8B} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed] -> C:\Program Files\CONEXANT\cAudioFilterAgent\/uid:cAudioFilterAgent /delay:45
Task: {FF640DCA-6D0F-4485-AB02-1D0432D1FD80} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) -> C:\Program Files\CONEXANT\SAII\/c /delay:45
Task: {897C32A1-3FE5-43C0-944C-75EC6EF821D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41DC117B-B6CC-4118-9D35-0C23CCE8FEA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE89E63C-DA5F-43B9-9B3A-3D8C1A0E22DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90B2A7AF-1F24-42F7-837A-2C9CDDFB1D64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96E5E14D-49C4-44AC-859B-DB26371A4C49} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {67E65830-C8AF-40CD-AD1D-2405E9575E19} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB088606-C604-4DC8-993E-8AC2A634D431} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {FABBA6AA-82D5-4462-9CC2-90BCA7467C29} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Program Files\Microsoft OneDrive\25.091.0512.0001\OneDriveLauncher.exe [684880 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB13E5B2-AD0F-4F64-B257-B3B49B1FA6CA} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Users\Köket\AppData\Roaming\Zoom\bin\Zoom.exe [441144 2025-05-27] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 agent.mydiabetesdata.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}: [DhcpDomain] Home
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\D457A6F42394E6475627E65647F523E24374F5645453033363: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\D6F647F6025663370263431353: [DhcpNameServer] 192.168.43.190
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\F423D294E6475627E65647D2134343D2537484A7: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}\7416C6168797023523030264540264030313: [DhcpNameServer] 192.168.115.133
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-07]
Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2025-06-04]
Edge Extension: (BEW lite) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2025-05-29]
Edge Extension: (Google Docs Offline) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
Edge Extension: (Speed Dial 2 New tab) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohpagamjnemfmmgildfkjgbnabhojcdj [2024-12-11]
Edge Profile: C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2025-06-04]
Edge Notifications: Profile 1 -> hxxps://eu.my.glooko.com
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-07-24]
Edge Extension: (Google Docs Offline) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
FireFox:
========
FF DefaultProfile: 9ira9l6f.default
FF ProfilePath: C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\9ira9l6f.default [2025-01-23]
FF ProfilePath: C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release [2025-06-07]
FF Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2025-05-14]
FF Extension: (Language: Svenska (Swedish)) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2025-06-02]
FF Extension: (MetaMask) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\webextension@metamask.io.xpi [2025-05-22]
FF Extension: (BNB Chain Wallet) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\{0a395005-c941-4030-83c9-018ee43e3414}.xpi [2025-01-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-05-15]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1759685886-848360775-207772720-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Köket\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1759685886-848360775-207772720-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Köket\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2025-01-23] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2025-01-23] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default [2025-06-07]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://web.whatsapp.com
CHR Extension: (Authenticator) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-10-09]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-04]
CHR Extension: (BEW lite) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2025-05-29]
CHR Extension: (Google Dokument Offline) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-01]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2025-02-19]
CHR Extension: (Ad Blocker App) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\iamhhblhmpldjchjecmapgoikpjmmfoe [2024-05-07]
CHR Extension: (Speed Dial 3™(APP)) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfhiehdjpogpbdcicjnphklppinghjj [2022-04-22]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2025-03-07]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-06-04]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-22]
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-22]
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-23]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-1759685886-848360775-207772720-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe [69128688 2024-06-14] (Get Aura Inc -> AnchorFree Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5631808 2025-04-24] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2025-03-19] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [516928 2025-03-20] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
R2 Dexcom Agent Update Service; C:\Program Files (x86)\Dexcom\Updater\Dexcom.Agent.UpdateService.exe [7680 2023-12-26] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.091.0512.0001\FileSyncHelper.exe [3622208 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe [2352392 2024-06-26] (Lenovo -> Lenovo Group Limited)
R2 LogiSyncStub; C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe [2257984 2022-02-08] (Logitech Inc -> )
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9445832 2025-05-28] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-05-15] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe [2050904 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.091.0512.0001\OneDriveUpdaterService.exe [3873608 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [760160 2025-05-12] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SwiService; C:\WINDOWS\Sierra Wireless Inc\bin\SwiService.exe [1801720 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
S2 SynaHlp; C:\WINDOWS\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [295872 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe [4525976 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe [278304 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7786032 2025-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [971312 2025-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\WINDOWS\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm660.sys [153248 2022-08-30] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1791064 2025-02-06] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [848472 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 swmbbser01; C:\WINDOWS\system32\DRIVERS\swmbbser01.sys [297176 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2023-10-10] (Microsoft Corporation) [File not signed]
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1438768 2025-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [19984 2025-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606568 2025-05-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100736 2025-05-22] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-07 21:27 - 2025-06-07 21:29 - 000036797 _____ C:\Users\Köket\OneDrive\Desktop\FRST.txt
2025-06-07 21:13 - 2025-06-07 21:13 - 002406912 _____ (Farbar) C:\Users\Köket\OneDrive\Desktop\FRST64.exe
2025-06-01 18:06 - 2025-06-01 18:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-06-01 17:57 - 2025-06-01 18:07 - 002952556 _____ C:\WINDOWS\Minidump\060125-24187-01.dmp
2025-06-01 17:57 - 2025-06-01 17:57 - 1550019288 _____ C:\WINDOWS\MEMORY.DMP
2025-05-30 07:44 - 2025-06-04 14:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-29 18:00 - 2025-05-31 17:00 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-05-29 17:47 - 2025-05-29 17:51 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2025-05-27 20:55 - 2025-05-27 20:55 - 000000000 ___HD C:\OneDriveTemp
2025-05-27 09:43 - 2025-05-27 09:43 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-05-22 17:30 - 2025-05-22 17:30 - 000115792 _____ C:\ProgramData\agent.update.1747927842.bdinstall.v2.bin
2025-05-15 19:48 - 2025-06-07 21:28 - 000000000 ____D C:\Users\Köket\AppData\Local\Malwarebytes
2025-05-15 19:47 - 2025-05-15 19:47 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-05-15 19:47 - 2025-05-15 19:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-05-15 19:47 - 2025-05-15 19:47 - 000000000 ____D C:\Program Files\Malwarebytes
2025-05-14 18:25 - 2025-05-14 18:25 - 000022680 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-05-14 18:23 - 2025-05-14 18:23 - 000022680 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-05-14 18:06 - 2025-05-14 18:06 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-07 21:28 - 2022-05-11 19:15 - 000000000 ____D C:\FRST
2025-06-07 21:26 - 2024-10-17 10:20 - 000000000 __SHD C:\Users\Köket\OneDriveCloudTemp
2025-06-07 21:21 - 2023-03-17 11:29 - 000000000 ____D C:\ProgramData\AnyDesk
2025-06-07 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-07 21:19 - 2022-09-05 12:00 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\Skatteverket
2025-06-07 21:19 - 2022-04-23 14:51 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Excel
2025-06-07 21:18 - 2022-04-12 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-07 21:04 - 2021-11-12 19:15 - 000000000 ___RD C:\Users\Köket\OneDrive
2025-06-07 21:02 - 2022-09-08 15:12 - 000000000 ___RD C:\Users\Köket\care.cz
2025-06-07 20:34 - 2022-04-18 14:43 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Word
2025-06-07 20:30 - 2021-11-12 19:13 - 000000000 ____D C:\Users\Köket\AppData\Local\Packages
2025-06-07 20:08 - 2021-11-16 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-07 19:07 - 2022-11-03 15:26 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\Crowdestor
2025-06-07 18:13 - 2021-11-16 18:01 - 000000000 ____D C:\Users\Köket\AppData\Local\D3DSCache
2025-06-07 15:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-07 15:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-06 20:28 - 2021-12-22 17:33 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-06 13:46 - 2025-01-23 08:13 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-06-06 10:35 - 2024-09-08 13:22 - 000001423 _____ C:\Users\Köket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2025-06-06 10:35 - 2024-09-08 13:22 - 000001421 _____ C:\Users\Köket\OneDrive\Desktop\Grammarly.lnk
2025-06-06 10:35 - 2024-09-08 13:22 - 000000000 ____D C:\Users\Köket\AppData\Local\Grammarly
2025-06-05 08:10 - 2021-11-16 17:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-05 07:54 - 2023-03-14 13:35 - 000000000 ____D C:\Users\Köket\AppData\Roaming\AnyDesk
2025-06-05 07:54 - 2022-04-17 11:04 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Teams
2025-06-05 07:53 - 2021-11-12 19:13 - 000000000 __SHD C:\Users\Köket\IntelGraphicsProfiles
2025-06-04 21:44 - 2025-01-29 17:08 - 000003540 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1759685886-848360775-207772720-1001
2025-06-04 21:44 - 2022-04-20 14:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-06-04 21:44 - 2022-04-18 10:14 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-06-04 21:44 - 2022-04-18 10:14 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-06-04 21:44 - 2021-12-22 17:27 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1759685886-848360775-207772720-1001
2025-06-04 14:35 - 2021-11-16 18:01 - 001690502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-06-04 14:35 - 2019-12-07 16:43 - 000714812 _____ C:\WINDOWS\system32\perfh01D.dat
2025-06-04 14:35 - 2019-12-07 16:43 - 000145728 _____ C:\WINDOWS\system32\perfc01D.dat
2025-06-04 14:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-06-04 14:27 - 2025-01-23 08:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-06-04 14:27 - 2021-11-16 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-04 14:27 - 2021-11-16 17:52 - 000008192 ___SH C:\DumpStack.log.tmp
2025-06-04 14:27 - 2021-11-12 19:12 - 000000000 ____D C:\Intel
2025-06-04 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-06-04 14:26 - 2021-11-16 17:55 - 000000000 ____D C:\Users\Köket
2025-06-04 14:26 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-06-04 14:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-06-04 14:15 - 2022-04-17 10:40 - 000000000 ____D C:\Program Files (x86)\HP
2025-06-02 08:02 - 2022-04-17 14:16 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\CARE Czech
2025-06-02 07:49 - 2025-01-23 08:13 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-06-01 18:07 - 2023-11-21 18:05 - 000000000 ____D C:\WINDOWS\Minidump
2025-06-01 17:58 - 2022-04-18 10:09 - 000000000 ____D C:\Program Files\Microsoft Office
2025-06-01 17:58 - 2019-12-07 11:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2025-05-31 17:00 - 2022-05-26 18:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-30 15:33 - 2022-05-04 13:36 - 000000000 ____D C:\Users\Köket\AppData\Local\CrashDumps
2025-05-29 21:14 - 2022-05-26 17:57 - 000000000 ____D C:\Users\Köket\AppData\Local\Adobe
2025-05-29 17:59 - 2022-05-26 18:01 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-05-28 08:55 - 2022-04-17 11:16 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Zoom
2025-05-27 15:13 - 2022-04-19 14:21 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\PowerPoint
2025-05-27 09:43 - 2024-10-22 18:01 - 000004244 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1759685886-848360775-207772720-1001
2025-05-27 09:43 - 2024-07-31 09:50 - 000001957 _____ C:\Users\Köket\OneDrive\Desktop\Zoom Workplace.lnk
2025-05-22 17:30 - 2022-04-17 09:51 - 000003842 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2025-05-22 17:30 - 2022-04-17 09:49 - 000000000 ____D C:\Program Files\Bitdefender Agent
2025-05-22 11:53 - 2021-11-13 05:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-05-20 11:36 - 2023-07-10 22:12 - 000000000 ____D C:\Users\Köket\AppData\Roaming\BankID
2025-05-19 20:39 - 2021-12-22 17:59 - 000003678 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 20:39 - 2021-12-22 17:59 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7db02d471af08
2025-05-16 12:25 - 2024-09-19 22:42 - 001438768 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2025-05-16 12:25 - 2022-04-17 09:52 - 007786032 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2025-05-15 19:47 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-05-15 00:45 - 2021-11-16 17:52 - 000440744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-05-15 00:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2025-05-14 18:42 - 2021-11-12 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-14 18:38 - 2021-11-12 19:40 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-14 18:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-14 18:23 - 2021-11-16 17:55 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-05-14 16:43 - 2025-02-19 08:49 - 000000000 ____D C:\ProgramData\BDLogging
==================== Files in the root of some directories ========
2022-05-15 17:15 - 2022-05-15 17:15 - 000000017 _____ () C:\Users\Köket\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Log frst
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by Köket (administrator) on DESKTOP-MDT6U91 (LENOVO 20FR004PMS) (07-06-2025 21:27:28)
Running from C:\Users\Köket\OneDrive\Desktop\FRST64.exe
Loaded Profiles: Köket
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5854 (X64) Language: Swedish (Sweden) -> English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.13\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.92\msedgewebview2.exe <26>
(C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe ->) (Dexcom Inc. -> Dexcom Inc.) C:\Program Files (x86)\Dexcom\Uploader\Dexcom.Agent.Uploader.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (50BDFD77-8903-4850-9FFE-6E8522F64D5B -> OpenAI) C:\Program Files\WindowsApps\OpenAI.ChatGPT-Desktop_1.2025.153.0_x64__2p2nqsd0c76g0\app\ChatGPT.exe <5>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.091.0512.0001\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(Grammarly, Inc. -> Grammarly) C:\Users\Köket\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Dexcom\Updater\Dexcom.Agent.UpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Get Aura Inc -> AnchorFree Inc.) C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Logitech Inc -> ) C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2522.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.091.0512.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088224 2025-06-04] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [501424 2025-03-20] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126328160 2021-11-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DexcomUploader] => C:\Program Files (x86)\Dexcom\Uploader\Dexcom.Agent.Uploader.exe [575216 2023-12-26] (Dexcom Inc. -> Dexcom Inc.)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4967240 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6362D3D1E2D51B3BDF317BAE5AD01E8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4141096 2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Köket\AppData\Local\Microsoft\Teams\Update.exe [2593968 2024-06-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.091.0512.0001\Microsoft.SharePoint.exe [1004352 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41352088 2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1759685886-848360775-207772720-1001\...\Run: [Grammarly] => C:\Users\Köket\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [272472 2025-06-05] (Grammarly, Inc. -> Grammarly)
HKLM\...\Windows x64\Print Processors\shj2mPC: C:\Windows\System32\spool\prtprocs\x64\shj2mpc.dll [91216 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON SX440 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMHBE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\shj2m Langmon: C:\WINDOWS\system32\shj2mlm.dll [70224 2022-01-24] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.69\Installer\chrmstp.exe [2025-06-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-10-08]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {85F7A81F-76A9-4706-8D77-2CCCFD88F9B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {27B06E57-94D2-4DCF-8147-8CE2C777E4C1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.13\WatchDog.exe [1158440 2025-05-12] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.13\repair
Task: {99004331-4D1C-4D7B-A6C8-326FA51CA646} - System32\Tasks\EPM Preload => C:\Program Files (x86)\HP\Easy Printer Manager\EPM2DotNetHandler.exe [1339256 2021-12-16] (HP Inc. -> )
Task: {F045DD90-F789-4EF1-A83B-31D66DA09031} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{ADB5CDC1-6556-4508-8B6C-240B860D479A} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {E03A1412-1900-413B-8E6B-4CDD0F993169} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\Windows\System32\ibmpmsvc.exe [949632 2019-12-11] (Lenovo -> Lenovo.)
Task: {D7089E66-FE9E-4F1F-8BF9-10A3FA100C69} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-26] (Lenovo -> Lenovo)
Task: {02739049-40A4-463D-AAB3-0A871F1CE921} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {7667728B-EAB3-4502-83D6-49BADE6F6234} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE4E5D96-FBD9-4EED-8BDA-74CB2C20F948} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68312 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ECA976B-1C31-449D-AC9B-9B16040D068E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C585DD47-F736-44DC-8652-53257D60D002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB7D9425-ADD5-4738-B84F-60D8541A7FC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {73974384-6679-47AE-9D46-2FBADDB49C59} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [225992 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A503D9FD-7AEB-4533-97F7-422FB5132300} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4548528 2025-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {50BA8B71-9837-43C6-A13D-B57EF9F1B436} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {58994E70-E8D7-493E-BD25-BA9884F41788} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {97652850-4FAB-41E8-9987-FE5D15918F8B} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed] -> C:\Program Files\CONEXANT\cAudioFilterAgent\/uid:cAudioFilterAgent /delay:45
Task: {FF640DCA-6D0F-4485-AB02-1D0432D1FD80} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) -> C:\Program Files\CONEXANT\SAII\/c /delay:45
Task: {897C32A1-3FE5-43C0-944C-75EC6EF821D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41DC117B-B6CC-4118-9D35-0C23CCE8FEA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE89E63C-DA5F-43B9-9B3A-3D8C1A0E22DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90B2A7AF-1F24-42F7-837A-2C9CDDFB1D64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96E5E14D-49C4-44AC-859B-DB26371A4C49} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {67E65830-C8AF-40CD-AD1D-2405E9575E19} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB088606-C604-4DC8-993E-8AC2A634D431} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {FABBA6AA-82D5-4462-9CC2-90BCA7467C29} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Program Files\Microsoft OneDrive\25.091.0512.0001\OneDriveLauncher.exe [684880 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB13E5B2-AD0F-4F64-B257-B3B49B1FA6CA} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1759685886-848360775-207772720-1001 => C:\Users\Köket\AppData\Roaming\Zoom\bin\Zoom.exe [441144 2025-05-27] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 agent.mydiabetesdata.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}: [DhcpDomain] Home
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\D457A6F42394E6475627E65647F523E24374F5645453033363: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\D6F647F6025663370263431353: [DhcpNameServer] 192.168.43.190
Tcpip\..\Interfaces\{8f87ee97-3ceb-44cf-a972-525533679e71}\F423D294E6475627E65647D2134343D2537484A7: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}: [DhcpDomain] lan
Tcpip\..\Interfaces\{b9f87465-9259-47e2-9cd0-c6ba1c267745}\7416C6168797023523030264540264030313: [DhcpNameServer] 192.168.115.133
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-07]
Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2025-06-04]
Edge Extension: (BEW lite) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2025-05-29]
Edge Extension: (Google Docs Offline) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
Edge Extension: (Speed Dial 2 New tab) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohpagamjnemfmmgildfkjgbnabhojcdj [2024-12-11]
Edge Profile: C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2025-06-04]
Edge Notifications: Profile 1 -> hxxps://eu.my.glooko.com
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-07-24]
Edge Extension: (Google Docs Offline) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Köket\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
FireFox:
========
FF DefaultProfile: 9ira9l6f.default
FF ProfilePath: C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\9ira9l6f.default [2025-01-23]
FF ProfilePath: C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release [2025-06-07]
FF Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2025-05-14]
FF Extension: (Language: Svenska (Swedish)) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2025-06-02]
FF Extension: (MetaMask) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\webextension@metamask.io.xpi [2025-05-22]
FF Extension: (BNB Chain Wallet) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\{0a395005-c941-4030-83c9-018ee43e3414}.xpi [2025-01-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Köket\AppData\Roaming\Mozilla\Firefox\Profiles\zlwlvyza.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2025-05-15]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1759685886-848360775-207772720-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Köket\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1759685886-848360775-207772720-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Köket\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2025-01-23] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2025-01-23] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default [2025-06-07]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://web.whatsapp.com
CHR Extension: (Authenticator) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-10-09]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-04]
CHR Extension: (BEW lite) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2025-05-29]
CHR Extension: (Google Dokument Offline) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-01]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2025-02-19]
CHR Extension: (Ad Blocker App) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\iamhhblhmpldjchjecmapgoikpjmmfoe [2024-05-07]
CHR Extension: (Speed Dial 3™(APP)) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfhiehdjpogpbdcicjnphklppinghjj [2022-04-22]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2025-03-07]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-06-04]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-22]
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-22]
CHR Profile: C:\Users\Köket\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-23]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-1759685886-848360775-207772720-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\UnifiedSDK.Service\UnifiedSDK.Service.exe [69128688 2024-06-14] (Get Aura Inc -> AnchorFree Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5631808 2025-04-24] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2025-03-19] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [516928 2025-03-20] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724376 2025-05-27] (Microsoft Corporation -> Microsoft Corporation)
R2 Dexcom Agent Update Service; C:\Program Files (x86)\Dexcom\Updater\Dexcom.Agent.UpdateService.exe [7680 2023-12-26] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.091.0512.0001\FileSyncHelper.exe [3622208 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe [2352392 2024-06-26] (Lenovo -> Lenovo Group Limited)
R2 LogiSyncStub; C:\Program Files (x86)\Logitech\LogiSyncStub\LogiSyncStub.exe [2257984 2022-02-08] (Logitech Inc -> )
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9445832 2025-05-28] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-05-15] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe [2050904 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.091.0512.0001\OneDriveUpdaterService.exe [3873608 2025-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [760160 2025-05-12] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SwiService; C:\WINDOWS\Sierra Wireless Inc\bin\SwiService.exe [1801720 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
S2 SynaHlp; C:\WINDOWS\System32\SynaHelperService.exe [254920 2022-01-18] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [295872 2025-06-04] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851640 2025-06-04] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe [4525976 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe [278304 2025-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7786032 2025-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [971312 2025-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 bdvpn_netfilter; C:\WINDOWS\System32\drivers\bdvpn_netfilter.sys [94600 2021-09-16] (Pango Inc. -> Pango Inc)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm660.sys [153248 2022-08-30] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1791064 2025-02-06] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [848472 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 swmbbser01; C:\WINDOWS\system32\DRIVERS\swmbbser01.sys [297176 2020-08-18] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2023-10-10] (Microsoft Corporation) [File not signed]
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1438768 2025-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [19984 2025-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606568 2025-05-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100736 2025-05-22] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-07 21:27 - 2025-06-07 21:29 - 000036797 _____ C:\Users\Köket\OneDrive\Desktop\FRST.txt
2025-06-07 21:13 - 2025-06-07 21:13 - 002406912 _____ (Farbar) C:\Users\Köket\OneDrive\Desktop\FRST64.exe
2025-06-01 18:06 - 2025-06-01 18:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-06-01 17:57 - 2025-06-01 18:07 - 002952556 _____ C:\WINDOWS\Minidump\060125-24187-01.dmp
2025-06-01 17:57 - 2025-06-01 17:57 - 1550019288 _____ C:\WINDOWS\MEMORY.DMP
2025-05-30 07:44 - 2025-06-04 14:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-29 18:00 - 2025-05-31 17:00 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-05-29 17:47 - 2025-05-29 17:51 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2025-05-27 20:55 - 2025-05-27 20:55 - 000000000 ___HD C:\OneDriveTemp
2025-05-27 09:43 - 2025-05-27 09:43 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-05-22 17:30 - 2025-05-22 17:30 - 000115792 _____ C:\ProgramData\agent.update.1747927842.bdinstall.v2.bin
2025-05-15 19:48 - 2025-06-07 21:28 - 000000000 ____D C:\Users\Köket\AppData\Local\Malwarebytes
2025-05-15 19:47 - 2025-05-15 19:47 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-05-15 19:47 - 2025-05-15 19:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-05-15 19:47 - 2025-05-15 19:47 - 000000000 ____D C:\Program Files\Malwarebytes
2025-05-14 18:25 - 2025-05-14 18:25 - 000022680 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-05-14 18:23 - 2025-05-14 18:23 - 000022680 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-05-14 18:06 - 2025-05-14 18:06 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-07 21:28 - 2022-05-11 19:15 - 000000000 ____D C:\FRST
2025-06-07 21:26 - 2024-10-17 10:20 - 000000000 __SHD C:\Users\Köket\OneDriveCloudTemp
2025-06-07 21:21 - 2023-03-17 11:29 - 000000000 ____D C:\ProgramData\AnyDesk
2025-06-07 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-07 21:19 - 2022-09-05 12:00 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\Skatteverket
2025-06-07 21:19 - 2022-04-23 14:51 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Excel
2025-06-07 21:18 - 2022-04-12 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-07 21:04 - 2021-11-12 19:15 - 000000000 ___RD C:\Users\Köket\OneDrive
2025-06-07 21:02 - 2022-09-08 15:12 - 000000000 ___RD C:\Users\Köket\care.cz
2025-06-07 20:34 - 2022-04-18 14:43 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Word
2025-06-07 20:30 - 2021-11-12 19:13 - 000000000 ____D C:\Users\Köket\AppData\Local\Packages
2025-06-07 20:08 - 2021-11-16 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-07 19:07 - 2022-11-03 15:26 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\Crowdestor
2025-06-07 18:13 - 2021-11-16 18:01 - 000000000 ____D C:\Users\Köket\AppData\Local\D3DSCache
2025-06-07 15:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-07 15:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-06 20:28 - 2021-12-22 17:33 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-06 13:46 - 2025-01-23 08:13 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-06-06 10:35 - 2024-09-08 13:22 - 000001423 _____ C:\Users\Köket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2025-06-06 10:35 - 2024-09-08 13:22 - 000001421 _____ C:\Users\Köket\OneDrive\Desktop\Grammarly.lnk
2025-06-06 10:35 - 2024-09-08 13:22 - 000000000 ____D C:\Users\Köket\AppData\Local\Grammarly
2025-06-05 08:10 - 2021-11-16 17:53 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-05 07:54 - 2023-03-14 13:35 - 000000000 ____D C:\Users\Köket\AppData\Roaming\AnyDesk
2025-06-05 07:54 - 2022-04-17 11:04 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\Teams
2025-06-05 07:53 - 2021-11-12 19:13 - 000000000 __SHD C:\Users\Köket\IntelGraphicsProfiles
2025-06-04 21:44 - 2025-01-29 17:08 - 000003540 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1759685886-848360775-207772720-1001
2025-06-04 21:44 - 2022-04-20 14:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-06-04 21:44 - 2022-04-18 10:14 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-06-04 21:44 - 2022-04-18 10:14 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-06-04 21:44 - 2021-12-22 17:27 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1759685886-848360775-207772720-1001
2025-06-04 14:35 - 2021-11-16 18:01 - 001690502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-06-04 14:35 - 2019-12-07 16:43 - 000714812 _____ C:\WINDOWS\system32\perfh01D.dat
2025-06-04 14:35 - 2019-12-07 16:43 - 000145728 _____ C:\WINDOWS\system32\perfc01D.dat
2025-06-04 14:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-06-04 14:27 - 2025-01-23 08:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-06-04 14:27 - 2021-11-16 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-04 14:27 - 2021-11-16 17:52 - 000008192 ___SH C:\DumpStack.log.tmp
2025-06-04 14:27 - 2021-11-12 19:12 - 000000000 ____D C:\Intel
2025-06-04 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-06-04 14:26 - 2021-11-16 17:55 - 000000000 ____D C:\Users\Köket
2025-06-04 14:26 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-06-04 14:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-06-04 14:15 - 2022-04-17 10:40 - 000000000 ____D C:\Program Files (x86)\HP
2025-06-02 08:02 - 2022-04-17 14:16 - 000000000 ____D C:\Users\Köket\OneDrive\Documents\CARE Czech
2025-06-02 07:49 - 2025-01-23 08:13 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-06-01 18:07 - 2023-11-21 18:05 - 000000000 ____D C:\WINDOWS\Minidump
2025-06-01 17:58 - 2022-04-18 10:09 - 000000000 ____D C:\Program Files\Microsoft Office
2025-06-01 17:58 - 2019-12-07 11:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2025-05-31 17:00 - 2022-05-26 18:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-30 15:33 - 2022-05-04 13:36 - 000000000 ____D C:\Users\Köket\AppData\Local\CrashDumps
2025-05-29 21:14 - 2022-05-26 17:57 - 000000000 ____D C:\Users\Köket\AppData\Local\Adobe
2025-05-29 17:59 - 2022-05-26 18:01 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-05-28 08:55 - 2022-04-17 11:16 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Zoom
2025-05-27 15:13 - 2022-04-19 14:21 - 000000000 ____D C:\Users\Köket\AppData\Roaming\Microsoft\PowerPoint
2025-05-27 09:43 - 2024-10-22 18:01 - 000004244 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1759685886-848360775-207772720-1001
2025-05-27 09:43 - 2024-07-31 09:50 - 000001957 _____ C:\Users\Köket\OneDrive\Desktop\Zoom Workplace.lnk
2025-05-22 17:30 - 2022-04-17 09:51 - 000003842 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2025-05-22 17:30 - 2022-04-17 09:49 - 000000000 ____D C:\Program Files\Bitdefender Agent
2025-05-22 11:53 - 2021-11-13 05:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-05-20 11:36 - 2023-07-10 22:12 - 000000000 ____D C:\Users\Köket\AppData\Roaming\BankID
2025-05-19 20:39 - 2021-12-22 17:59 - 000003678 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 20:39 - 2021-12-22 17:59 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7db02d471af08
2025-05-16 12:25 - 2024-09-19 22:42 - 001438768 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2025-05-16 12:25 - 2022-04-17 09:52 - 007786032 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2025-05-15 19:47 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-05-15 00:45 - 2021-11-16 17:52 - 000440744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-15 00:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-05-15 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-05-15 00:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2025-05-14 18:42 - 2021-11-12 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-14 18:38 - 2021-11-12 19:40 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-14 18:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-14 18:23 - 2021-11-16 17:55 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-05-14 16:43 - 2025-02-19 08:49 - 000000000 ____D C:\ProgramData\BDLogging
==================== Files in the root of some directories ========
2022-05-15 17:15 - 2022-05-15 17:15 - 000000017 _____ () C:\Users\Köket\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================