Prosím o kontrolu, čínská stránka Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka  Vyřešeno

Příspěvekod AlePet » 22 kvě 2019 22:14

OTL logfile created on: 22.05.2019 21:59:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alenka v říši divů\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000405 | Country: Česko | Language: CSY | Date Format: dd.MM.yyyy

3,88 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,48% Memory free
4,88 Gb Paging File | 2,91 Gb Available in Paging File | 59,75% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,23 Gb Total Space | 112,78 Gb Free Space | 47,54% Space Free | Partition Type: NTFS

Computer Name: ALENKA-PC | User Name: Alenka v říši divů | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Alenka v říši divů\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo Group Ltd.)
PRC - C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo Group Ltd.)
PRC - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Ltd.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
PRC - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe (AVAST Software)
PRC - C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
PRC - C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\3c4fc8da1134e187b81f4d8d49b4b94a\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\84ef438af1e40cd00638af0f214170c3\System.Numerics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\eb0d4fe0f65f8159df83a9b0af08bf98\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\d0591221f8c0b23a943368675e6e1ece\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\3184edf58e171f59fa5d36eb110815bb\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime\cc1b047fbcc54f59e91627db5ba4fb28\System.Runtime.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Collections\f57c5108189731698fdcf3d07f00c6f7\System.Collections.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\296be67696c735eb85002175edd7f70f\System.Xml.Linq.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\d965c30c53468c92ec77b1694a33214b\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\560d447a65c345c288b465cff8da1f45\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Net.Http\fb73bfac4226e743af801b2bc73e0ea1\System.Net.Http.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\29590db906a7bb52db2e4c19f9de4718\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\9bff2c5d4d22b1a711e291cb2608e8fd\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\898c4d39831f90a1288b65041277a311\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a5a47e8e5e2880adecca43eb928673f1\mscorlib.ni.dll ()
MOD - C:\ProgramData\Lenovo\ImController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software)
SRV:64bit: - (AvastWscReporter) -- C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (sedsvc) -- C:\Program Files\rempl\sedsvc.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (ImControllerService) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Ltd.)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (WpnUserService_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_4b467) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (ibtsiva) -- C:\WINDOWS\SysNative\ibtsiva.exe (Intel Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (Dolby DAX2 API Service) -- C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Dolby Laboratories, Inc.)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (osrss) -- C:\Windows\SysNative\osrss.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (xbgm) -- C:\Windows\SysNative\xbgmsvc.exe (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV:64bit: - (SupportAssistAgent) -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc.)
SRV:64bit: - (DDVCollectorSvcApi) -- C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Inc.)
SRV:64bit: - (DDVDataCollector) -- C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Inc.)
SRV:64bit: - (DDVRulesProcessor) -- C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dell Inc.)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe)
SRV - (GoogleChromeElevationService) -- C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe (Google Inc.)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe (Intel Corporation)
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (CleanupPSvc) -- C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe (AVAST Software)
SRV - (FoxitReaderService) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe (Foxit Software Inc.)
SRV - (iaStorAfsService) -- C:\Windows\IAStorAfsService\iaStorAfsService.exe (Intel Corporation)
SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amsdk) -- C:\Windows\SysNative\drivers\amsdk.sys (Copyright 2018.)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswHdsKe) -- C:\Windows\SysNative\drivers\aswHdsKe.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswArPot) -- C:\Windows\SysNative\drivers\aswArPot.sys (AVAST Software)
DRV:64bit: - (aswArDisk) -- C:\Windows\SysNative\drivers\aswArDisk.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdriver.sys (AVAST Software)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsh.sys (AVAST Software)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniv.sys (AVAST Software)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (MbamElam) -- C:\Windows\SysNative\drivers\MbamElam.sys (Malwarebytes)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (aswElam) -- C:\Windows\SysNative\drivers\aswElam.sys (AVAST Software)
DRV:64bit: - (Netwtw04) -- C:\Windows\SysNative\drivers\Netwtw04.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2_GPIO2.sys (Intel Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\DriverStore\FileRepository\intcdaud.inf_amd64_ad5691824a5386fe\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (ETDSMBus) -- C:\Windows\SysNative\drivers\ETDSMBus.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (DDDriver) -- C:\Windows\SysNative\drivers\DDDriver64Dcsa.sys (Dell Inc.)
DRV:64bit: - (DellProf) -- C:\Windows\SysNative\drivers\DellProf.sys (Dell Computer Corporation)
DRV:64bit: - (ETDHCF) -- C:\Windows\SysNative\drivers\ETDHCF.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorAfs) -- C:\Windows\SysNative\drivers\iaStorAfs.sys (Intel Corporation)
DRV - (IntcDAud) -- C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_ad5691824a5386fe\IntcDAud.sys (Intel(R) Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igdkmd64.sys (Intel Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys (Microsoft Corporation)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))



Reklama
AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 22 kvě 2019 22:15

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {09EC426A-112F-4948-881B-825EA7BF984E}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {09EC426A-112F-4948-881B-825EA7BF984E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = FA 61 60 63 D7 10 D5 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {09EC426A-112F-4948-881B-825EA7BF984E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google LLC)



O1 HOSTS File: ([2019.05.22 09:48:50 | 000,000,027 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [DAX2_APP] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Dolby Laboratories, Inc.)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lync] C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Spotify] C:\Users\Alenka v říši divů\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFirstLogonAnimation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2cbbd853-3598-4364-aa9e-c0d5abd340ca}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{730b56e3-c48f-490e-a5b5-626b6d926b7d}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2019.05.22 21:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\OTL.exe
[2019.05.22 21:51:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2019.05.22 20:04:52 | 000,000,000 | ---D | C] -- C:\AdsFix
[2019.05.22 20:03:57 | 006,154,648 | ---- | C] (SosVirus) -- C:\Users\Alenka v říši divů\Desktop\adsfix_V6_13.05.19.1.exe
[2019.05.22 20:02:53 | 000,000,000 | ---D | C] -- C:\QuickDiag
[2019.05.22 20:01:40 | 005,175,192 | ---- | C] (SosVirus) -- C:\Users\Alenka v říši divů\Desktop\QuickDiag.exe
[2019.05.21 09:09:40 | 000,000,000 | ---D | C] -- C:\FRST
[2019.05.21 09:08:39 | 002,435,072 | ---- | C] (Farbar) -- C:\Users\Alenka v říši divů\Desktop\frst.exe
[2019.05.21 09:06:30 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\Desktop\backups
[2019.05.20 21:28:20 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\AppData\Local\Zemana
[2019.05.20 21:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2019.05.20 21:28:17 | 000,232,792 | ---- | C] (Copyright 2018.) -- C:\WINDOWS\SysNative\drivers\amsdk.sys
[2019.05.20 21:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana
[2019.05.20 21:27:55 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\AppData\Local\AMSDK
[2019.05.20 21:26:59 | 001,030,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2019.05.20 21:26:59 | 000,477,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2019.05.20 21:26:59 | 000,385,640 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2019.05.20 21:26:59 | 000,279,120 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys
[2019.05.20 21:26:59 | 000,262,496 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdriver.sys
[2019.05.20 21:26:59 | 000,225,096 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2019.05.20 21:26:59 | 000,207,448 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2019.05.20 21:26:59 | 000,205,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsh.sys
[2019.05.20 21:26:59 | 000,167,872 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2019.05.20 21:26:59 | 000,112,312 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2019.05.20 21:26:59 | 000,087,944 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2019.05.20 21:26:59 | 000,061,472 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniv.sys
[2019.05.20 21:26:59 | 000,042,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2019.05.20 21:26:59 | 000,037,104 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArDisk.sys
[2019.05.20 21:26:59 | 000,015,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswElam.sys
[2019.05.20 21:26:55 | 000,363,400 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2019.05.19 10:05:33 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\AppData\Roaming\Avast Tuneup
[2019.05.18 21:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2019.05.18 20:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2019.05.18 20:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2019.05.18 20:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2019.05.18 20:11:17 | 206,758,184 | ---- | C] (Sophos Limited) -- C:\Users\Alenka v říši divů\Desktop\Sophos Virus Removal Tool.exe
[2019.05.18 20:02:57 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\Alenka v říši divů\Desktop\JRT.exe
[2019.05.18 10:44:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2019.05.18 10:43:20 | 007,025,360 | ---- | C] (Malwarebytes) -- C:\Users\Alenka v říši divů\Desktop\AdwCleaner.exe
[2019.05.18 10:38:58 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\TFC (1).exe
[2019.05.18 10:38:25 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\TFC.exe
[2019.05.18 10:30:31 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Alenka v říši divů\Desktop\ATF-Cleaner.exe
[2019.05.17 22:29:20 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Alenka v říši divů\Desktop\hijackthis.exe
[2019.05.17 11:07:04 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\AppData\Local\mbam
[2019.05.17 11:06:42 | 000,000,000 | ---D | C] -- C:\Users\Alenka v říši divů\AppData\Local\mbamtray
[2019.05.17 11:06:29 | 000,020,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2019.05.17 11:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2019.05.17 11:06:26 | 000,153,328 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2019.05.17 11:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2019.05.17 11:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2019.05.17 11:05:36 | 063,419,544 | ---- | C] (Malwarebytes ) -- C:\Users\Alenka v říši divů\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10624.exe
[2019.05.14 22:05:16 | 007,519,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2019.05.14 22:05:16 | 006,569,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2019.05.14 22:05:13 | 025,855,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2019.05.14 22:05:03 | 022,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2019.05.14 22:05:02 | 009,084,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2019.05.14 22:05:01 | 007,436,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2019.05.14 22:04:58 | 008,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2019.05.14 22:04:58 | 007,593,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2019.05.14 22:04:57 | 005,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2019.05.14 22:04:56 | 005,788,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2019.05.14 22:04:55 | 006,043,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2019.05.14 22:04:54 | 003,613,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2019.05.14 22:04:53 | 004,866,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2019.05.14 22:04:53 | 004,384,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2019.05.14 22:04:52 | 003,400,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2019.05.14 22:04:52 | 003,090,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2019.05.14 22:04:52 | 002,882,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2019.05.14 22:04:52 | 001,175,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2019.05.14 22:04:51 | 001,826,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2019.05.14 22:04:51 | 001,035,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2019.05.14 22:04:50 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2019.05.14 22:04:50 | 001,458,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2019.05.14 22:04:50 | 001,219,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2019.05.14 22:04:49 | 006,661,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2019.05.14 22:04:49 | 002,166,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2019.05.14 22:04:48 | 002,571,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2019.05.14 22:04:48 | 001,027,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2019.05.14 22:04:47 | 002,175,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2019.05.14 22:04:47 | 001,454,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2019.05.14 22:04:47 | 001,376,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2019.05.14 22:04:47 | 000,808,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2019.05.14 22:04:47 | 000,798,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2019.05.14 22:04:46 | 001,663,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2019.05.14 22:04:46 | 001,560,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2019.05.14 22:04:46 | 001,549,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2019.05.14 22:04:46 | 001,471,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2019.05.14 22:04:46 | 001,364,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2019.05.14 22:04:46 | 000,894,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2019.05.14 22:04:46 | 000,720,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2019.05.14 22:04:46 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2019.05.14 22:04:46 | 000,607,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2019.05.14 22:04:46 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll
[2019.05.14 22:04:46 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fcon.dll
[2019.05.14 22:04:45 | 001,459,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2019.05.14 22:04:45 | 000,985,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2019.05.14 22:04:45 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2019.05.14 22:04:44 | 001,634,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2019.05.14 22:04:44 | 001,260,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2019.05.14 22:04:44 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2019.05.14 22:04:44 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2019.05.14 22:04:43 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2019.05.14 22:04:43 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpnServiceDS.dll
[2019.05.14 22:04:42 | 004,054,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2019.05.14 22:04:42 | 001,288,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2019.05.14 22:04:42 | 001,141,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2019.05.14 22:04:42 | 000,983,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2019.05.14 22:04:42 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2019.05.14 22:04:42 | 000,776,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2019.05.14 22:04:42 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2019.05.14 22:04:42 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2019.05.14 22:04:42 | 000,545,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2019.05.14 22:04:41 | 001,130,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2019.05.14 22:04:41 | 001,098,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2019.05.14 22:04:41 | 000,576,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2019.05.14 22:04:41 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2019.05.14 22:04:41 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2019.05.14 22:04:41 | 000,274,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2019.05.14 22:04:40 | 002,405,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2019.05.14 22:04:40 | 000,831,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2019.05.14 22:04:40 | 000,814,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2019.05.14 22:04:40 | 000,790,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2019.05.14 22:04:40 | 000,665,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2019.05.14 22:04:40 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2019.05.14 22:04:40 | 000,568,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2019.05.14 22:04:40 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2019.05.14 22:04:39 | 000,845,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2019.05.14 22:04:39 | 000,793,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2019.05.14 22:04:39 | 000,662,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2019.05.14 22:04:39 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2019.05.14 22:04:39 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2019.05.14 22:04:39 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2019.05.14 22:04:39 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2019.05.14 22:04:39 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2019.05.14 22:04:39 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2019.05.14 22:04:39 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2019.05.14 22:04:39 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2019.05.14 22:04:38 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2019.05.14 22:04:38 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapi.dll
[2019.05.14 22:04:38 | 000,581,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2019.05.14 22:04:38 | 000,493,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2019.05.14 22:04:38 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2019.05.14 22:04:38 | 000,438,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2019.05.14 22:04:38 | 000,384,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2019.05.14 22:04:37 | 001,938,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2019.05.14 22:04:37 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2019.05.14 22:04:37 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2019.05.14 22:04:37 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2019.05.14 22:04:37 | 000,434,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2019.05.14 22:04:37 | 000,209,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2019.05.14 22:04:37 | 000,164,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2019.05.14 22:04:37 | 000,134,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2019.05.14 22:04:37 | 000,076,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2019.05.14 22:04:37 | 000,063,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdll.dll
[2019.05.14 22:04:36 | 001,708,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2019.05.14 22:04:36 | 000,713,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2019.05.14 22:04:36 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2019.05.14 22:04:36 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2019.05.14 22:04:36 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2019.05.14 22:04:36 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2019.05.14 22:04:36 | 000,412,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2019.05.14 22:04:36 | 000,396,088 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2019.05.14 22:04:36 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2019.05.14 22:04:36 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2019.05.14 22:04:36 | 000,192,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2019.05.14 22:04:36 | 000,177,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2019.05.14 22:04:36 | 000,159,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2019.05.14 22:04:36 | 000,146,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2019.05.14 22:04:36 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2019.05.14 22:04:36 | 000,115,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2019.05.14 22:04:35 | 001,311,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll
[2019.05.14 22:04:35 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2019.05.14 22:04:35 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2019.05.14 22:04:35 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingASDS.dll
[2019.05.14 22:04:35 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2019.05.14 22:04:35 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserexport.exe
[2019.05.14 22:04:35 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2019.05.14 22:04:35 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2019.05.14 22:04:35 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2019.05.14 22:04:35 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2019.05.14 22:04:35 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2019.05.14 22:04:35 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-processor-power-events.dll
[2019.05.14 22:04:35 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2019.05.14 22:04:35 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2019.05.14 22:04:35 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EduPrintProv.exe
[2019.05.14 22:04:35 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDSPnf.exe
[2019.05.14 22:04:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll
[2019.05.14 22:04:34 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2019.05.14 22:04:34 | 001,295,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2019.05.14 22:04:34 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
[2019.05.14 22:04:34 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2019.05.14 22:04:34 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2019.05.14 22:04:34 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspbde40.dll
[2019.05.14 22:04:34 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2019.05.14 22:04:34 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msltus40.dll
[2019.05.14 22:04:34 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2019.05.14 22:04:34 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2019.05.14 22:04:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2019.05.14 22:04:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2019.05.14 22:04:34 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2019.05.14 22:04:34 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2019.05.14 22:04:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll
[2019.05.14 22:04:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2019.05.14 22:04:33 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapibase.dll
[2019.05.14 22:04:33 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2019.05.14 22:04:33 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2019.05.14 22:04:33 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2019.05.14 22:04:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetDriverInstall.dll
[2019.05.14 22:04:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2019.05.14 22:04:33 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2019.05.14 22:04:07 | 000,835,688 | ---- | C] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2019.05.14 22:04:07 | 000,179,816 | ---- | C] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2019.05.09 17:52:21 | 000,425,128 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\iMDriverHelper.dll
[2019.05.09 17:52:21 | 000,205,992 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.CoreTypes.dll
[2019.05.09 17:52:21 | 000,130,728 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.Utilities.dll
[2019.05.09 17:52:21 | 000,104,616 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\WudfUpdate_02000.dll
[2019.05.09 17:52:21 | 000,097,448 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.ImController.ImClient.dll
[2019.05.09 17:52:21 | 000,043,688 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.ImController.EventLogging.dll

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 22 kvě 2019 22:16

========== Files - Modified Within 30 Days ==========

[2019.05.22 22:01:23 | 000,075,659 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2019.05.22 22:01:04 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2019.05.22 21:57:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\OTL.exe
[2019.05.22 21:55:22 | 001,689,050 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2019.05.22 21:55:22 | 000,716,276 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2019.05.22 21:55:22 | 000,699,960 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2019.05.22 21:55:22 | 000,144,534 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2019.05.22 21:55:22 | 000,132,900 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2019.05.22 21:51:06 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2019.05.22 21:51:02 | 1665,441,792 | -HS- | M] () -- C:\hiberfil.sys
[2019.05.22 20:08:20 | 000,001,230 | ---- | M] () -- C:\Users\Alenka v říši divů\Desktop\AdsFix_Donate.lnk
[2019.05.22 20:04:06 | 006,154,648 | ---- | M] (SosVirus) -- C:\Users\Alenka v říši divů\Desktop\adsfix_V6_13.05.19.1.exe
[2019.05.22 20:01:50 | 005,175,192 | ---- | M] (SosVirus) -- C:\Users\Alenka v říši divů\Desktop\QuickDiag.exe
[2019.05.22 09:48:50 | 000,000,027 | RHS- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2019.05.21 21:39:41 | 002,268,550 | ---- | M] () -- C:\Users\Alenka v říši divů\Desktop\Bez názvu.png
[2019.05.21 09:08:48 | 002,435,072 | ---- | M] (Farbar) -- C:\Users\Alenka v říši divů\Desktop\frst.exe
[2019.05.20 21:28:19 | 000,001,340 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2019.05.20 21:28:17 | 000,232,792 | ---- | M] (Copyright 2018.) -- C:\WINDOWS\SysNative\drivers\amsdk.sys
[2019.05.20 21:26:47 | 000,385,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2019.05.20 21:26:44 | 000,477,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2019.05.20 21:26:44 | 000,279,120 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHdsKe.sys
[2019.05.20 21:26:44 | 000,225,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2019.05.20 21:26:44 | 000,167,872 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2019.05.20 21:26:44 | 000,112,312 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2019.05.20 21:26:44 | 000,087,944 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2019.05.20 21:26:44 | 000,042,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2019.05.20 21:26:41 | 000,363,400 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2019.05.20 21:26:36 | 000,207,448 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2019.05.20 21:26:36 | 000,037,104 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArDisk.sys
[2019.05.20 21:26:35 | 001,030,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2019.05.20 21:26:32 | 000,262,496 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdriver.sys
[2019.05.20 21:26:32 | 000,205,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsh.sys
[2019.05.20 21:26:32 | 000,061,472 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniv.sys
[2019.05.20 11:50:34 | 002,038,755 | ---- | M] () -- C:\Users\Alenka v říši divů\Desktop\zoek.exe
[2019.05.19 10:07:46 | 000,344,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2019.05.19 10:07:46 | 000,060,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2019.05.19 10:07:46 | 000,046,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2019.05.18 21:10:44 | 033,965,624 | ---- | M] () -- C:\Users\Alenka v říši divů\Desktop\RogueKiller_portable64.exe
[2019.05.18 20:15:57 | 000,002,841 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2019.05.18 20:13:14 | 206,758,184 | ---- | M] (Sophos Limited) -- C:\Users\Alenka v říši divů\Desktop\Sophos Virus Removal Tool.exe
[2019.05.18 20:03:10 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\Alenka v říši divů\Desktop\JRT.exe
[2019.05.18 10:43:31 | 007,025,360 | ---- | M] (Malwarebytes) -- C:\Users\Alenka v říši divů\Desktop\AdwCleaner.exe
[2019.05.18 10:39:07 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\TFC (1).exe
[2019.05.18 10:38:29 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Alenka v říši divů\Desktop\TFC.exe
[2019.05.18 10:30:38 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Alenka v říši divů\Desktop\ATF-Cleaner.exe
[2019.05.17 22:29:29 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Alenka v říši divů\Desktop\hijackthis.exe
[2019.05.17 11:06:28 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2019.05.17 11:05:47 | 063,419,544 | ---- | M] (Malwarebytes ) -- C:\Users\Alenka v říši divů\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10624.exe
[2019.05.15 14:58:44 | 000,403,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2019.05.04 01:53:18 | 000,835,688 | ---- | M] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2019.05.04 01:53:18 | 000,179,816 | ---- | M] (Adobe) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2019.05.03 14:14:23 | 000,790,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2019.05.03 14:13:34 | 000,396,088 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2019.05.03 14:13:20 | 001,376,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2019.05.03 13:55:03 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2019.05.03 13:54:54 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2019.05.03 13:51:09 | 003,613,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2019.05.03 13:51:09 | 001,364,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll
[2019.05.03 13:50:17 | 001,663,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2019.05.03 13:50:08 | 004,054,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2019.05.03 13:49:57 | 001,288,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2019.05.03 13:49:48 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2019.05.03 13:49:29 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2019.05.03 13:43:09 | 000,662,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2019.05.03 13:30:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2019.05.03 13:30:28 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2019.05.03 13:28:26 | 002,882,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2019.05.03 13:27:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2019.05.03 13:26:39 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2019.05.03 13:25:53 | 001,471,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2019.05.03 08:43:05 | 000,177,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2019.05.03 08:36:10 | 001,035,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2019.05.03 08:34:13 | 000,159,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2019.05.03 08:33:47 | 005,625,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2019.05.03 08:33:44 | 000,063,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdll.dll
[2019.05.03 08:33:39 | 001,027,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2019.05.03 08:33:38 | 001,219,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2019.05.03 08:33:37 | 000,134,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2019.05.03 08:33:34 | 000,076,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2019.05.03 08:33:29 | 000,568,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2019.05.03 08:32:55 | 000,209,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2019.05.03 08:32:53 | 000,438,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2019.05.03 08:32:42 | 000,776,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2019.05.03 08:32:41 | 000,493,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2019.05.03 08:32:10 | 000,164,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2019.05.03 08:32:02 | 000,793,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2019.05.03 08:31:58 | 007,436,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2019.05.03 08:31:57 | 007,519,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2019.05.03 08:31:53 | 001,098,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2019.05.03 08:31:53 | 000,115,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2019.05.03 08:31:52 | 001,141,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2019.05.03 08:31:51 | 001,459,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2019.05.03 08:31:51 | 000,983,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2019.05.03 08:31:46 | 000,412,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2019.05.03 08:31:45 | 009,084,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2019.05.03 08:31:41 | 001,260,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2019.05.03 08:31:35 | 000,545,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2019.05.03 08:20:25 | 000,146,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2019.05.03 08:20:21 | 000,434,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2019.05.03 08:20:12 | 000,384,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2019.05.03 08:20:10 | 000,192,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2019.05.03 08:19:50 | 000,665,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2019.05.03 08:19:08 | 006,043,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2019.05.03 08:18:46 | 001,130,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2019.05.03 08:18:45 | 006,569,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2019.05.03 08:12:55 | 025,855,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2019.05.03 08:10:24 | 022,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2019.05.03 08:02:47 | 004,866,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2019.05.03 08:01:57 | 008,189,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2019.05.03 08:00:56 | 006,661,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2019.05.03 08:00:46 | 000,120,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-processor-power-events.dll
[2019.05.03 08:00:35 | 003,400,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2019.05.03 08:00:12 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2019.05.03 07:59:58 | 005,788,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2019.05.03 07:59:51 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2019.05.03 07:59:50 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2019.05.03 07:59:17 | 007,593,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2019.05.03 07:59:16 | 001,307,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2019.05.03 07:59:10 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2019.05.03 07:58:58 | 000,894,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2019.05.03 07:58:46 | 000,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2019.05.03 07:58:42 | 001,361,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2019.05.03 07:58:30 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2019.05.03 07:58:16 | 002,175,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2019.05.03 07:58:12 | 001,708,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2019.05.03 07:58:02 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2019.05.03 07:57:42 | 001,549,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2019.05.03 07:57:32 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2019.05.03 07:57:29 | 000,808,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2019.05.03 07:57:09 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2019.05.03 07:57:07 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2019.05.03 07:57:06 | 001,560,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2019.05.03 07:57:02 | 001,295,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2019.05.03 07:56:51 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2019.05.03 07:56:47 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2019.05.03 07:56:29 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2019.05.03 07:55:52 | 003,090,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2019.05.03 07:55:18 | 002,166,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2019.05.03 07:54:58 | 000,845,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2019.05.03 07:54:53 | 000,543,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2019.05.03 07:54:44 | 000,776,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2019.05.03 07:54:37 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2019.05.03 07:54:33 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2019.05.03 07:54:22 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2019.05.03 07:54:04 | 000,667,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapi.dll
[2019.05.03 06:38:09 | 000,001,310 | ---- | M] () -- C:\WINDOWS\SysNative\tcbres.wim
[2019.04.24 09:06:44 | 000,017,635 | ---- | M] () -- C:\WINDOWS\SysNative\iMDriver.inf
[2019.04.24 09:06:40 | 000,205,992 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.CoreTypes.dll
[2019.04.24 09:06:40 | 000,130,728 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.Utilities.dll
[2019.04.24 09:06:40 | 000,104,616 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\WudfUpdate_02000.dll
[2019.04.24 09:06:40 | 000,104,616 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\ImController.CoInstaller.dll
[2019.04.24 09:06:40 | 000,097,448 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.Modern.ImController.ImClient.dll
[2019.04.24 09:06:40 | 000,054,440 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\ImController.InfInstaller.exe
[2019.04.24 09:06:40 | 000,043,688 | ---- | M] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\Lenovo.ImController.EventLogging.dll
[2019.04.24 09:06:38 | 000,425,128 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\iMDriverHelper.dll
[2019.04.24 09:06:38 | 000,042,664 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\UMDF\iMDriver.dll
[2019.04.23 09:13:54 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MixedRealityCapture.dll
[2019.04.23 08:14:32 | 000,868,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll

========== Files Created - No Company Name ==========

[2019.05.22 21:51:07 | 000,074,836 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2019.05.22 20:08:20 | 000,001,230 | ---- | C] () -- C:\Users\Alenka v říši divů\Desktop\AdsFix_Donate.lnk
[2019.05.21 21:34:14 | 002,268,550 | ---- | C] () -- C:\Users\Alenka v říši divů\Desktop\Bez názvu.png
[2019.05.20 21:28:19 | 000,001,340 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2019.05.20 11:50:22 | 002,038,755 | ---- | C] () -- C:\Users\Alenka v říši divů\Desktop\zoek.exe
[2019.05.18 21:10:25 | 033,965,624 | ---- | C] () -- C:\Users\Alenka v říši divů\Desktop\RogueKiller_portable64.exe
[2019.05.18 20:15:57 | 000,002,841 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2019.05.17 11:06:28 | 000,001,927 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2019.05.16 17:09:19 | 000,001,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
[2019.05.14 22:04:34 | 000,001,310 | ---- | C] () -- C:\WINDOWS\SysNative\tcbres.wim
[2019.05.09 17:52:21 | 000,017,635 | ---- | C] () -- C:\WINDOWS\SysNative\iMDriver.inf
[2018.09.18 11:05:42 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018.09.18 11:02:27 | 002,841,312 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2018.09.18 11:02:27 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2018.09.06 04:02:26 | 000,168,320 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2018.09.06 04:02:26 | 000,133,504 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2018.09.06 04:02:24 | 000,149,376 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2018.06.20 21:58:22 | 000,232,248 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2018.06.20 21:58:22 | 000,232,248 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2018.06.20 21:58:08 | 000,833,848 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
[2018.06.20 21:58:08 | 000,833,848 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2018.04.12 01:38:34 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2018.04.12 01:38:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2018.04.12 01:34:55 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2018.04.12 01:34:50 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2018.04.12 01:34:49 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2018.04.12 01:34:47 | 000,364,200 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2018.04.12 01:34:46 | 003,575,808 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2018.04.12 01:34:46 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2018.04.12 01:34:45 | 000,329,216 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2018.04.12 01:34:45 | 000,223,232 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2018.04.12 01:34:45 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2018.04.12 01:34:45 | 000,111,616 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2018.04.12 01:34:45 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2018.04.12 01:34:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2018.04.12 01:34:30 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017.12.09 07:33:17 | 000,000,102 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2017.12.09 07:32:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2017.12.09 00:25:12 | 000,798,520 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-65-1.dll
[2017.12.09 00:25:00 | 000,490,808 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-65-1.exe
[2017.07.20 19:21:34 | 000,776,992 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-54-1.dll
[2017.07.20 19:21:28 | 000,477,472 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-54-1.exe

========== ZeroAccess Check ==========

[2019.01.24 11:40:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2019.05.03 08:31:58 | 007,436,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2019.05.03 08:19:08 | 006,043,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018.04.12 01:34:40 | 000,973,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018.04.12 01:34:55 | 000,785,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018.04.12 01:34:40 | 000,524,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2018.03.13 18:35:05 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\AVAST Software
[2019.05.19 10:05:33 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\Avast Tuneup
[2019.01.24 11:46:51 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\BitTorrent
[2018.02.27 13:50:38 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\Foxit AgentInformation
[2019.03.28 13:45:53 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\Foxit Software
[2018.03.19 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\Opera Software
[2019.05.17 14:53:44 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\Spotify
[2019.02.21 18:59:18 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\uTorrent
[2018.07.13 17:51:59 | 000,000,000 | ---D | M] -- C:\Users\Alenka v říši divů\AppData\Roaming\WhatsApp

========== Purity Check ==========



< End of report >

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 22 kvě 2019 22:18

OTL Extras logfile created on: 22.05.2019 21:59:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alenka v říši divů\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.17134.0)
Locale: 00000405 | Country: Česko | Language: CSY | Date Format: dd.MM.yyyy

3,88 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,48% Memory free
4,88 Gb Paging File | 2,91 Gb Available in Paging File | 59,75% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,23 Gb Total Space | 112,78 Gb Free Space | 47,54% Space Free | Partition Type: NTFS

Computer Name: ALENKA-PC | User Name: Alenka v říši divů | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = A9 99 1E 2B 28 4F D4 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09955ABC-D8BD-44D1-8E65-3BFE6D05DB31}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\outlook.exe |
"{506A3D53-6BFA-47F2-BED7-F76B3515E206}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\60.0.3255.84\opera.exe |
"{8573819D-A54D-48F7-8413-58716D486B93}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{C98FC9A0-CA6F-4ADD-9E74-5795E8C2084C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\opera\60.0.3255.95\opera.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0254947B-17B3-4CAF-A34B-21C5BC1387E1}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{028138C8-CD06-4D9D-B6CA-5F502983528E}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1811.10571.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{067BF7C6-7204-4B84-8CC2-A9B3D7EDDFD6}" = dir=out | app=c:\windows\system32\backgroundtaskhost.exe |
"{07DD9021-E1F8-4DC5-B3A6-1C538C807408}" = dir=out | name=@{microsoft.bingweather_4.28.10351.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{08CC5D3D-925D-43ED-BF67-C937F5FB0754}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{093CDA13-1BA9-457E-92E1-95630D93B290}" = dir=in | name=@{microsoft.windows.photos_2019.19011.19410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{093E5BE0-3A98-4B93-9F25-B48A1BCDC4B2}" = dir=in | name=@{microsoft.messaging_4.1901.10241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{0A871D27-2773-4231-86C6-9E7805750552}" = dir=out | name=@{microsoft.gethelp_10.1706.12921.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{0B1AB9DF-647F-4DB9-942C-B5E1DD785B61}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{0B65CF0E-1C3F-4D37-A578-ECD0DD9FA633}" = dir=out | name=@{microsoft.storepurchaseapp_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{0F00334C-FA43-4ED7-97A0-02E5E8889237}" = dir=out | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{0F67D356-29FC-44FC-A0B3-EFACC8C2DB33}" = dir=out | app=c:\windows\system32\sihclient.exe |
"{10459726-98A4-4323-BBAE-E2ADC6506186}" = protocol=6 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\bittorrent\bittorrent.exe |
"{1200D59B-A935-4C69-A1FF-B73EBB7B15B1}" = dir=out | name=microsoft sticky notes |
"{144C0BE5-4021-46E3-A9D6-4B8D64D5EC1F}" = dir=out | app=c:\windows\systemapps\microsoft.xboxgamecallableui_cw5n1h2txyewy\xbox.tcui.exe |
"{14CE0506-598D-4756-A5E0-CB7DFF270911}" = dir=in | name=skype |
"{1500205E-B520-46E9-BC34-14B4303A3E1D}" = dir=out | name=@{microsoft.messaging_4.1901.10241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{16B342E6-3129-4C83-B1EF-49DC0DBED41D}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{191F9B2B-293D-40D7-99BA-3C9BEEE06D3D}" = dir=out | name=windows_ie_ac_001 |
"{19733B60-2B3C-4439-BF39-1CA5ACF9D660}" = dir=out | name=@{microsoft.people_10.1812.10232.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{1BC6CF4D-E896-4C3E-9888-96692112D094}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1811.10571.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{1C324C0B-BE16-4C78-86AA-054DA664510A}" = dir=out | name=xbox game bar |
"{1CD1E1AB-7365-4E77-A18D-16E5AE404655}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{21FD837D-E0C4-4A1F-911A-25210250AB07}" = dir=out | name=win32webviewhost |
"{22C8D94C-CC88-48B5-99BF-510F98928859}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{23381F17-2C26-4060-9203-CE691CCFA670}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{23FB53D1-20DA-4E16-9167-A6DAE9C2F02A}" = dir=out | name=@{microsoft.bingweather_4.28.10351.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{25B54220-ED05-4BF9-9D60-FC4A467D88D6}" = dir=out | name=@{microsoft.windowsmaps_5.1812.10071.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{2756157B-F86B-4ED2-904C-F6B7D65B1A7D}" = dir=out | name=shell input application |
"{29081C9D-2486-4E2F-9DAC-4C093A03754A}" = dir=out | app=c:\windows\systemapps\microsoft.bioenrollment_cw5n1h2txyewy\bioenrollmenthost.exe |
"{29395D87-372B-42FC-B10F-CC5698901728}" = protocol=17 | dir=out | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{2A583D59-B89D-44B1-9270-D846E960C1A4}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{2B652758-B368-4FDB-B4CD-47257AF516A9}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{2D5ADDD4-0DC0-4592-B9AA-C5C9CC997ECD}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1811.27012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{2D9F2A86-BA9C-4050-85D0-C2C9C534EE39}" = dir=out | name=@{microsoft.people_10.1902.633.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{2E614D60-DD25-45D7-83C8-0AA8765316B9}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{2ECDDA08-27BC-4593-A2AA-8BA653D0DEE8}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{339E3BEC-064F-4C43-8DBC-DF218DFA8D49}" = dir=out | name=microsoft sticky notes |
"{33FCC472-B75F-4907-8E1C-E151D83F904F}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{355544EF-19A2-4F43-A0F9-915E26FF5F80}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{3562536C-D9DC-4034-96DD-9A3D9CB17A74}" = dir=out | name=linkedin |
"{3730DB64-D7AB-4479-A694-F6AB5DEC4915}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{3A3E2B54-DDB8-4E88-AD60-0ECF9BE78E1C}" = dir=out | name=@{microsoft.windowscamera_2019.425.30.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{3E0E415B-6B0D-40AF-AB8B-268F99A8700D}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{3EFC7224-7047-40EF-AE61-891590EE4BB9}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{41BCD884-BF53-49FA-A9F6-A06A4EB73263}" = dir=out | app=c:\windows\systemapps\microsoft.lockapp_cw5n1h2txyewy\lockapp.exe |
"{47CEA805-6B19-4113-9835-20F3FD3D9247}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{4A3F0E17-7722-4829-9442-D8E45680C059}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{4AF3C7EA-DEA1-4A85-9A65-79C4F002BA9E}" = dir=out | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{4B539033-EA9F-40F1-A4A0-1D65AB185C8B}" = dir=out | name=xbox tcui |
"{4F64F8D5-D578-4E4A-81DF-725FC8DFAC79}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{514C5354-6745-42EC-BE7F-BE02407D1B3F}" = dir=in | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{555390AE-C66B-4391-817D-666FEF03F3E1}" = dir=in | name=@{microsoft.messaging_4.1901.10241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{5593DE37-C9B2-46EA-9945-65FCE5CB4144}" = dir=in | name=@{microsoft.windows.photos_2019.19031.17720.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{55B5F7E4-12E5-42FD-BBD3-4830F7436C39}" = dir=out | name=@{microsoft.windowscalculator_10.1903.21.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{561313D7-F057-4839-8D28-0B100355F506}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{56900479-66FE-433F-9000-DEEB46217877}" = dir=out | name=microsoft solitaire collection |
"{575FB190-B828-4A1C-9391-E595B54C6DD8}" = dir=out | app=c:\windows\system32\slui.exe |
"{59AF2CB0-3314-4847-9E1F-8A49EB0DBC08}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{5A8C9839-8B0C-40C5-A91A-D715A6B354C4}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{5CC2C371-CB10-4B7A-B11E-CFE7EED1FA44}" = dir=out | app=c:\program files (x86)\iobit\driver booster\5.2.0\autoupdate.exe |
"{5D49CAB6-A4C5-45ED-BBE3-04077B403214}" = dir=out | name=skype |
"{5D871A33-836E-4068-841A-E8030BFD98FF}" = dir=in | name=@{microsoft.windowsstore_11811.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{5F0E77C1-FB11-471D-ABDE-1939972486BE}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.30732.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{6407FFF3-0C19-4473-BA91-888FEB0F8DAD}" = dir=out | app=c:\windows\systemapps\parentalcontrols_cw5n1h2txyewy\wpcuapapp.exe |
"{642101F2-6E8D-4544-8804-C4A726352DE1}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1811.10862.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{6455258A-010C-4040-A248-A6CD87939D1C}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{66D45843-FF7B-4F34-93EF-92A806EEAC2B}" = dir=out | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{6838D842-83AF-4672-B1C1-62D54722122A}" = dir=in | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6991CD5D-30B2-4AB6-9DA5-51367263C5FE}" = dir=out | name=print 3d |
"{6ADDAB40-BC9F-486F-8ABA-69E938ED3242}" = dir=out | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{6D60FD6F-FCEE-405B-A107-5644B4ECA7E6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe |
"{715D50DA-8B16-457E-A1A2-9BED1C0C6004}" = dir=out | name=@{microsoft.microsoft3dviewer_6.1903.4012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{72D0FF13-3C34-4E4D-A2E5-BF58E588A535}" = dir=out | name=@{microsoft.zunevideo_10.19021.10411.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7373C6A6-3D7C-4281-8B9D-5BACDA9578D6}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{73F818B1-BFE2-4C58-8F1C-F48C0415942C}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{744CD786-8055-4DB0-84B8-445CCBA87E2E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\lync.exe |
"{784730A9-9E15-4D8B-B87D-CD026C8BC543}" = dir=out | name=@{microsoft.messaging_4.1901.10241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{793F6EE0-4870-4277-8C0F-1321FE552247}" = dir=out | name=@{microsoft.xboxidentityprovider_12.53.10001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{7D32D4C1-E426-45E7-9F97-0452F1E9CD8B}" = dir=out | name=xbox gaming overlay |
"{7EC726E4-319E-425F-A71E-AE93A23F79E3}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{80BC783A-42FF-47D8-8F86-ADC241D2A5E6}" = protocol=17 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\bittorrent\bittorrent.exe |
"{81148912-C15D-44A4-BD8D-7D3FA0C1B006}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{812FF0F8-1BC9-49ED-B84A-93B111E72F31}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{8253DBFC-3A35-4B33-AD22-9498DABFDFBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\root\office16\ucmapi.exe |
"{82B1DE42-F089-43D8-BE75-02C798112E5A}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{832224C8-22D4-4DD5-A3B6-498FC811F182}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{8681CA90-68FA-401D-832E-E4654AD9F677}" = dir=out | name=@{microsoft.windowsstore_11904.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{86F69025-E83C-4414-B84B-A2792A1BB97F}" = dir=out | name=@{microsoft.windows.photos_2019.19011.19410.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{8A073EF5-1CC9-4BA8-B03E-2E26E793A388}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{8B1FE92A-3616-4A1E-AF67-1BBA7429CEC2}" = dir=in | name=onenote |
"{8BA6F38A-9FC7-4787-9F89-C01F6DC01120}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{8BD7A026-C540-4135-B19C-8A4A843F2568}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1811.10862.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{8BDE8C5C-8029-4ED4-9CA1-55D36BA0A1C2}" = dir=out | name=@{microsoft.windowscamera_2019.124.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{8BE9C9E4-142B-407B-9EE5-44F17AC5D754}" = dir=in | name=@{microsoft.microsoftedge_42.17134.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{8CA52904-845A-48D4-A923-7938A9F98968}" = dir=out | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{8CE21DAE-7F54-4397-B630-901516D1C5BD}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{8E830ADA-FDD7-4FD8-A119-061DB28CE8D6}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{92EC44E7-B83F-4100-BA36-E24895944DAB}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{93E4A80D-A4CC-498C-875F-6A7F9FFB9336}" = dir=in | name=@{microsoft.oneconnect_5.1902.361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{93FDA8A9-C40C-4FE6-9F60-1482992D9F56}" = dir=out | name=@{microsoft.windowsstore_11811.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{95D2E548-2C8A-4E3A-B36D-B1906477DB9E}" = dir=out | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9639CB00-0B03-4468-8A78-1C58E74525FE}" = dir=out | app=c:\windows\system32\wermgr.exe |
"{96D7CC59-6B9A-41C5-8328-ABFF81026694}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{96E3D4DC-BB57-4C9A-B306-C89D18F0C71B}" = dir=out | name=@{microsoft.storepurchaseapp_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{97E8F3AE-6F3A-41B1-8140-57321F7CD6D2}" = dir=in | app=c:\program files (x86)\iobit\driver booster\5.2.0\dbdownloader.exe |
"{99086B69-C141-4127-8C92-F7FAFD2F8794}" = protocol=6 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe |
"{995AFF61-1C30-43D3-B9FF-25BA95CACF83}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{99B95F7C-F2B3-4DBB-B180-E010646AEEBE}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{9A0026A3-9C2A-4F46-A589-48AEEABCBE1E}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{9FFDF2A2-00D3-4D28-8B88-225740B84A62}" = dir=in | name=print 3d |
"{A3B219A4-74FD-421A-890C-847086E708E3}" = dir=out | name=microsoft pay |
"{A52934A4-7F9C-4821-A7B0-8C14D52B24CC}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{A6872586-1E12-46D6-B491-9FB3EE534316}" = dir=out | app=c:\windows\systemapps\microsoft.accountscontrol_cw5n1h2txyewy\accountscontrolhost.exe |
"{A6FD92F7-ED9A-4B9C-BB02-B8F9EF56AF26}" = dir=in | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A8D221A5-7650-439A-807E-93AA8FD8EB98}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17134.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{A9144480-073B-44E0-B237-3AD4E42739F9}" = dir=out | name=@{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{AAB10182-C27C-4C01-B5C4-72F053C2E8AC}" = dir=out | app=c:\windows\system32\wsqmcons.exe |
"{AB877502-8DBD-42FC-8217-24216ABF3D9C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{AD685AA7-EDA1-42C4-A7F2-AAB838F096ED}" = dir=out | app=c:\windows\system32\msfeedssync.exe |
"{AEA60857-D026-4C39-B9F7-BF382B093FB4}" = dir=out | app=c:\windows\system32\compattelrunner.exe |
"{AF513A57-493A-42CC-A3BE-2FF7AC8868B6}" = dir=out | app=c:\windows\system32\settingsynchost.exe |
"{B0ED5521-3234-4BC1-8986-19495F511E03}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{B2935070-8160-43BC-BE20-D74F349B3687}" = dir=out | app=c:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe |
"{B4099B11-915F-4C8F-AC19-F84E4FBDBE35}" = dir=out | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{BAA97E84-027C-41EA-8394-2BCFFB9F85E2}" = dir=in | name=onenote |
"{BBBAF38B-A77D-47C9-A36A-E701CAF0013B}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{BF26DF38-24CA-4121-A5D7-36C4AA53A366}" = dir=in | app=c:\program files (x86)\iobit\driver booster\5.2.0\driverbooster.exe |
"{BFC659FF-CA8E-41B8-B8E1-6C82B1DD0B24}" = dir=out | name=@{microsoft.windows.cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{BFC8D53D-B23F-4FAE-81B1-A21A3A1E0C2B}" = dir=out | name=win32webviewhost |
"{C02BBDA3-26F5-4FBD-80BA-FBAC6973EE79}" = dir=out | name=@{microsoft.windowscalculator_10.1812.10048.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{C14FE87B-1F59-46E3-8F4E-EAC4BE863BD3}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{C3C5E256-FE87-4F85-930C-E3B73A6051ED}" = dir=out | name=linkedin |
"{C65CABDF-90F2-4DD3-9D94-A997DEAC9925}" = dir=out | app=c:\program files (x86)\iobit\driver booster\5.2.0\driverbooster.exe |
"{C6E496A1-3652-4427-A78D-8DFD64B2397A}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{C783A9DE-F3B9-4759-AF7E-2895FE013ACD}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.30732.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{C78F5157-03C9-4AFC-ABC9-ABBAF7713620}" = dir=out | name=office |
"{C7B65CA5-D6D0-4864-8A09-40716C46F455}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{CC08500E-2A53-4737-A50F-318FAF59F509}" = dir=out | name=microsoft solitaire collection |
"{CC4039B4-57CF-46C6-8474-E525D26733E8}" = dir=out | name=onenote |
"{CE3FA9F6-B7E9-40E6-9B89-5CEC9CE143C2}" = dir=out | app=c:\windows\systemapps\microsoft.aad.brokerplugin_cw5n1h2txyewy\microsoft.aad.brokerplugin.exe |
"{CF228DBC-6FA4-49F6-9BAB-09704B1F3B4A}" = dir=in | name=microsoft sticky notes |
"{CF73802A-0472-4AE7-95DB-EE39EDB927BA}" = dir=in | name=print 3d |
"{CF9609E5-C16B-4A57-A869-767EA04D777A}" = dir=out | app=c:\windows\system32\mrt.exe |
"{D01DBA4E-5F77-4599-982A-842E4234CB65}" = dir=out | app=c:\windows\system32\taskhostw.exe |
"{D06D40D7-7A3E-41B1-9549-B86533F1FEA5}" = dir=in | name=win32webviewhost |
"{D0E17AB1-47ED-4B20-9E64-13FC8059578A}" = dir=out | app=c:\program files (x86)\iobit\driver booster\5.2.0\dbdownloader.exe |
"{D0E7C148-7C74-47EB-8F67-665A130808F4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\root\office16\ucmapi.exe |
"{D1302A03-1669-420E-AAE9-016437464DEA}" = dir=out | name=@{microsoft.mspaint_5.1904.8017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{D186FEEE-6B73-4BAF-AA3E-567B2E05A43C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{D1AECD5C-B065-4BF0-989A-8A072EF91689}" = dir=out | name=xbox gaming overlay |
"{D1D4783D-9B7B-43CD-B480-C6BEEB091017}" = dir=out | name=@{microsoft.getstarted_6.15.12641.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{D57C1661-C3F4-4437-8720-26D4E2E49AA8}" = dir=out | name=@{microsoft.gethelp_10.1706.20381.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{D5E4068E-817F-4112-AD08-A0C6E9A31247}" = dir=out | name=shell input application |
"{D659FCF8-81E9-4784-B469-F7AC07A454E0}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{D83DA807-ACF7-4EF0-8C64-46E4D15C710A}" = dir=in | name=microsoft solitaire collection |
"{D8E5BCD5-D1BF-41FD-B24C-516F9ED897F4}" = dir=out | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{DAEB7301-7AE0-4B8E-980F-B0D159FE0EDE}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.371_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{DEFF202C-B558-4EB5-BECB-5C81BEC19564}" = dir=in | name=@{microsoft.ppiprojection_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{E0D4C315-5166-4977-A258-29C34A34215B}" = dir=out | name=@{microsoft.windows.photos_2019.19031.17720.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{E28F90CD-7BBB-4E1D-A0F9-B50A79E4982C}" = dir=in | name=@{microsoft.zunevideo_10.19021.10411.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E452C6E8-9CB6-4321-A848-73262D703EDA}" = dir=out | name=@{microsoft.oneconnect_5.1902.361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{E4B2EDA6-E0B6-4359-B899-156B5BA804A6}" = dir=out | name=onenote |
"{E5A0CC3D-C360-4ADA-8C06-2B823B1F8A4A}" = dir=out | name=@{microsoft.xboxidentityprovider_12.46.25001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{EAA58B8F-F8F6-480A-B748-516B98F5424E}" = dir=in | name=win32webviewhost |
"{ECF99C98-8D64-4311-8E0F-4755D43164F4}" = dir=out | name=print 3d |
"{ED7EA482-E28A-4DBF-B91A-BB7A14492F1B}" = protocol=17 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe |
"{EFF43677-352D-4817-9BFA-704B797291B5}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{F09E4CE0-7D1D-4E0E-B14E-48C0FA481F13}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F31E87E9-600A-47DE-8153-B7573B05FDC6}" = dir=in | name=microsoft solitaire collection |
"{F6C9E9DD-563B-4463-9479-7A8686D54C20}" = dir=in | name=@{e046963f.lenovocompanion_4.27.32.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{F77187C9-F424-4C77-94E3-3AE8DE234563}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{F84782F4-2632-4B52-80F4-43B6097106E7}" = dir=out | name=xbox game bar |
"{F9622EC7-2038-4D91-94FC-E063EC213F1D}" = dir=in | name=@{microsoft.windowsstore_11904.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{FA15B26E-DB66-4331-B944-30EF6D882E8A}" = dir=in | name=microsoft sticky notes |
"{FA760B5B-AF61-4DBE-9E53-73C1A265A793}" = dir=in | app=c:\program files (x86)\iobit\driver booster\5.2.0\autoupdate.exe |
"{FAB2A03F-97C6-4730-AF28-B411011513B9}" = dir=out | app=c:\windows\system32\dmclient.exe |
"{FC200FBC-56B1-46F3-B2B1-3A8670ECDAD1}" = dir=out | name=@{microsoft.mspaint_5.1811.20017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{FD44E04D-BA35-4B4E-A9CF-BC891C84B469}" = dir=out | name=@{microsoft.accountscontrol_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{FE54E6B6-E254-4FA1-A6EB-2153D61B2D4E}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{FF164A12-44DB-483C-A17F-AAA2F73B9862}" = protocol=6 | dir=out | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"TCP Query User{0800B84F-CB9B-42EF-8470-011DF1F1AC06}C:\users\alenka v říši divů\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{183E7003-C29F-4A1A-A62E-F91F561E0D90}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FD82E21F-F466-4D6F-94A3-657BD7D51680}C:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe |
"UDP Query User{484B4DD4-1223-4A44-8501-1D98C6A933A5}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{89B6BBC6-730F-4C4A-94C7-85EB3AF8CA86}C:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\spotify\spotify.exe |
"UDP Query User{F77ACF4E-9D97-4E0D-8927-FFE8F38B4A44}C:\users\alenka v říši divů\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\alenka v říši divů\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.7.1.2839
"{8738A898-221B-4279-BC87-FEF7938022C1}" = Dolby Audio X2 Windows API SDK
"{90160000-007E-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-008C-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0405-1000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{9207D68E-666A-49C7-A900-9F5B2FF289E4}" = Dolby Audio X2 Windows APP
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}" = Intel(R) Chipset Device Software
"{9DD6B149-CEBC-4910-B11A-242393EDF6D3}" = Dell SupportAssistAgent
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{BB1B550F-329D-4B07-A8D0-82914483411C}" = Intel(R) Management Engine Components
"{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}" = Intel(R) ME UninstallLegacy
"7-Zip" = 7-Zip 18.01 (x64)
"Drive Manager Easy Kit 1.4.2" = Drive Manager Easy Kit
"O365ProPlusRetail - cs-cz" = Microsoft Office 365 ProPlus - cs-cz
"VulkanRT1.0.54.1" = Vulkan Run Time Libraries 1.0.54.1
"VulkanRT1.0.65.1" = Vulkan Run Time Libraries 1.0.65.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{075CC190-59EE-499F-828B-0B5C098C8C15}_is1" = Avast Cleanup Premium
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17408817-d415-4768-a160-ae6d46d6bdb0}" = Intel(R) Chipset Device Software
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1" = Zemana AntiMalware verze 3.1.66
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{AA8BC571-E96E-4478-927F-CB44CC7D7D07}" = Intel(R) Update Manager
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player PPAPI" = Adobe Flash Player 32 PPAPI
"Avast Antivirus" = Avast Free Antivirus
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"Opera 60.0.3255.95" = Opera Stable 60.0.3255.95
"TVSU_is1" = Lenovo System Update
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1" = Lenovo Service Bridge
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify
"WhatsApp" = WhatsApp

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.05.2019 17:47:24 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x23d4 Čas spuštění chybující aplikace: 0x01d50dc342c678b0 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: 7b3b59b2-808d-4b21-b650-d1d9e65a9cf4
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 18.05.2019 17:49:05 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x1b08 Čas spuštění chybující aplikace: 0x01d50dc37f43b62f Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: c022ade4-4649-4404-8acb-ef57999a28d1
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 18.05.2019 17:49:55 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x2294 Čas spuštění chybující aplikace: 0x01d50dc39cc766e5 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: c9161267-dda2-4963-a622-f3c98d0a9e3b
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 18.05.2019 17:52:29 | Computer Name = Alenka-PC | Source = Microsoft-Windows-SpellChecker | ID = 33
Description =

Error - 18.05.2019 17:54:41 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x228c Čas spuštění chybující aplikace: 0x01d50dc44724ac91 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: 6a05bb46-1dd4-4933-ae7c-17059e6e60d0
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 18.05.2019 17:56:40 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x1870 Čas spuštění chybující aplikace: 0x01d50dc48dda7917 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: 1df3c328-dca2-40dc-94a2-e035854d9f1a
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 18.05.2019 17:58:13 | Computer Name = Alenka-PC | Source = Microsoft-Windows-SpellChecker | ID = 33
Description =

Error - 19.05.2019 4:06:14 | Computer Name = Alenka-PC | Source = Microsoft-Windows-SpellChecker | ID = 33
Description =

Error - 19.05.2019 4:10:13 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0xb70 Čas spuštění chybující aplikace: 0x01d50e1a42c96af0 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek.exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: eff73489-51b9-47da-bf9b-3e723a327961
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

Error - 19.05.2019 4:19:21 | Computer Name = Alenka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko:
0x00000000 Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.753, časové
razítko: 0x976ea24c Kód výjimky: 0xc0000409 Posun chyby: 0x00111942 ID chybujícího
procesu: 0x24d8 Čas spuštění chybující aplikace: 0x01d50e1b897f1cb8 Cesta k chybující
aplikaci: C:\Users\Alenka v říši divů\Desktop\zoek (1).exe Cesta k chybujícímu modulu:
C:\WINDOWS\System32\KERNELBASE.dll ID zprávy: b2619224-1c46-4e2e-9695-446741941532
Úplný
název chybujícího balíčku: ? ID aplikace související s chybujícím balíčkem: ?

[ System Events ]
Error - 22.05.2019 15:52:46 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Browser neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 22.05.2019 15:52:46 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Browser bylo dosaženo časového limitu
(30000 ms).

Error - 22.05.2019 15:52:46 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Browser neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Browser bylo dosaženo časového limitu
(30000 ms).

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Browser neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Browser bylo dosaženo časového limitu
(30000 ms).

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Browser neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Browser bylo dosaženo časového limitu
(30000 ms).

Error - 22.05.2019 15:53:22 | Computer Name = Alenka-PC | Source = Service Control Manager | ID = 7000
Description = Služba Browser neuspěla při spuštění v důsledku následující chyby:
%%1053

Error - 22.05.2019 16:01:11 | Computer Name = Alenka-PC | Source = DCOM | ID = 10000
Description =


< End of report >

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 22 kvě 2019 22:27

Při použití Adsfix, z nějakého důvodu jsem byla upozorněna, že je zapnutý Malwarebytes, a přitom zapnutý nebyl, ani na pozadí. Kontrolovala jsem to ve Správci úloh.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39709
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu, čínská stránka

Příspěvekod jaro3 » 22 kvě 2019 22:45

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {09EC426A-112F-4948-881B-825EA7BF984E}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}: "URL" = http://www.bing.com/search?q={SearchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com/ [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {09EC426A-112F-4948-881B-825EA7BF984E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 22 kvě 2019 23:17

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09EC426A-112F-4948-881B-825EA7BF984E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09EC426A-112F-4948-881B-825EA7BF984E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09EC426A-112F-4948-881B-825EA7BF984E}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Alenka v říši divů
->Temp folder emptied: 249856 bytes
->Temporary Internet Files folder emptied: 586253 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: petre
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 235764 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,00 mb


[EMPTYFLASH]

User: Alenka v říši divů
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: petre

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Alenka v říši divů

User: All Users

User: Default

User: Default User

User: petre

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05222019_231434

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\ALENKA-PC-20190522-2151.log moved successfully.
C:\WINDOWS\temp\aria-debug-3132.log moved successfully.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20190522215110C3C).log not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39709
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu, čínská stránka

Příspěvekod jaro3 » 23 kvě 2019 19:29

Co ta čínská stránka?
případně vlož obrázek do přílohy příspěvku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 23 kvě 2019 19:58

Stále se objevovala, ale přemýšlela jsem, čím to může být. Tak jsem si stránku otevřela a snažila se hledat nějaké vodítko. Poté jsem našla v počítači soubor ve složce uživatelů s názvem "Alenka", který jsem neznala. Smazala ho a nabídka k otevření se už neotevřela. Takže snad už dobrý.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39709
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu, čínská stránka

Příspěvekod jaro3 » 23 kvě 2019 21:36

Tak to byl falešný uživatelský účet?

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

AlePet
nováček
Příspěvky: 31
Registrován: květen 19
Pohlaví: Žena

Re: Prosím o kontrolu, čínská stránka

Příspěvekod AlePet » 23 kvě 2019 21:45

Falešný účet ne, nějaký soubor, bohužel jsem se zapomněla podívat co za typ souboru to bylo. Každopádně problém zmizel a já děkuji za Váš čas. Moc jste mi pomohl.

# DelFix v1.013 - Logfile created 23/05/2019 at 21:42:40
# Updated 17/04/2016 by Xplode
# Username : Alenka v říši divů - ALENKA-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\AdsFix
Deleted : C:\QuickDiag
Deleted : C:\AdsFix_22_05_2019_21_48_40.txt
Deleted : C:\Users\Alenka v říši divů\Desktop\Addition.txt
Deleted : C:\Users\Alenka v říši divů\Desktop\AdsFix_22_05_2019_21_48_40.txt
Deleted : C:\Users\Alenka v říši divů\Desktop\AdsFix_Donate.lnk
Deleted : C:\Users\Alenka v říši divů\Desktop\adsfix_V6_13.05.19.1.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\AdwCleaner.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\Extras.Txt
Deleted : C:\Users\Alenka v říši divů\Desktop\Fixlog.txt
Deleted : C:\Users\Alenka v říši divů\Desktop\frst.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\JRT.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\JRT.txt
Deleted : C:\Users\Alenka v říši divů\Desktop\hijackthis.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\hijackthis.log
Deleted : C:\Users\Alenka v říši divů\Desktop\OTL.Txt
Deleted : C:\Users\Alenka v říši divů\Desktop\OTL.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\QuickDiag.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\TFC (1).exe
Deleted : C:\Users\Alenka v říši divů\Desktop\TFC.exe
Deleted : C:\Users\Alenka v říši divů\Desktop\zoek.exe
Deleted : HKCU\Software\g3n-h@ckm@n
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #36 [Naplánovaný kontrolní bod | 04/30/2019 11:52:57]
Deleted : RP #37 [Naplánovaný kontrolní bod | 05/08/2019 19:05:34]
Deleted : RP #38 [Windows Update | 05/14/2019 19:43:43]
Deleted : RP #39 [Windows Update | 05/18/2019 08:29:43]
Deleted : RP #40 [JRT Pre-Junkware Removal | 05/18/2019 18:05:15]

New restore point created !

########## - EOF - ##########


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 7 hostů