PC virus removal, computer speed-up, remote help via the neslape.cz service

Slowed-down laptop

Are you one of the Model Visitors? Then this section is for you.

Moderator: Moderators

Forum rules
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
korkis
Model Visitor
Posts: 157
Registered: 16 Sep 2007 14:37

#1 Post by korkis »

Hi there,
my wife probably brought home some nasty bug from work on a USB stick, maybe on an external hard disk. Eset spat this out at me (see image). The laptop is quite slow, could you please take a look at it for her...

Лог утилиты random's system information tool 1.10 (автор: random/random)
Run by User at 2018-10-12 23:11:53
Майкрософт Windows 8.1 для одного языка
Системный раздел C: размер 5 GB (2%) Свободно 202 GB
Total RAM: 4008 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:12:03, on 12-10-2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\ABBYY Lingvo x6\LingvoCOMHelper.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Yoga Picks] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe" /STARTUP
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_MegaFon | Modem] "C:\Program Files (x86)\MegaFon Modem\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files (x86)\MobileWiFi\MobileWiFi
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Send to OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Новая заметка - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Перевести с помощью ABBYY Lingvo x&6 - res://C:\Program Files (x86)\ABBYY Lingvo x6\Lingvo.exe/3000
O8 - Extra context menu item: Скопировать закладку - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Скопировать изображение - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Скопировать эту страницу - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Сохранить выделенный фрагмент - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: sage.keysurvey2.com
O15 - ESC Trusted Zone: sage.keysurvey2.com
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://kaplanprofessional.webex.com/cl ... atgpc1.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Сервис лицензирования ABBYY Lingvo x6 (ABBYY.Licensing.Lingvo.Desktop.16.0) - ABBYY Production LLC - C:\Program Files (x86)\Common Files\ABBYY\Lingvo\16.0\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Обновление Dropbox (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Обновление Dropbox (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @oem13.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem13.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem13.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @oem13.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Служба Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Служба Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Sage 50 Accounts Control v24 - Sage (UK) Ltd. - C:\Program Files (x86)\Sage\AccountsServiceV24\sg50CtrlSvc_v24.exe
O23 - Service: Sage 50 Accounts Service v24 - Sage (UK) Ltd. - C:\Program Files (x86)\Sage\AccountsServiceV24\sg50svc_v24.exe
O23 - Service: Sage AutoUpdate Manager Service v2 - Sage UK Limited - C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe
O23 - Service: Sage SData Service - Sage (UK) Limited - C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
O23 - Service: YogaPicks.AppService - Unknown owner - C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17090 bytes

======Список процессов======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\ABBYY\Lingvo\16.0\Licensing\NetworkLicenseServer.exe" -service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
dashost.exe {e0ab833b-0bd3-4582-a1d6b1d53c842a2b}
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
C:\WINDOWS\system32\DptfPolicyCriticalService.exe
C:\WINDOWS\system32\DptfPolicyLpmService.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files (x86)\Sage\AccountsServiceV24\sg50CtrlSvc_v24.exe"
"C:\Program Files (x86)\Sage\AccountsServiceV24\sg50svc_v24.exe"
"C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe"
"C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe"
"C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
"C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a120be87-5e94-4d56-bce8-0f0b5eb12982 -SystemEventPortName:HostProcess-63d9c0d8-2bb7-4e1d-93be-3aa65e7e1a4c -IoCancelEventPortName:HostProcess-fdfd030f-93b5-4eaa-8ae5-7edca31aa408 -NonStateChangingEventPortName:HostProcess-d7fa831a-cff2-4f99-9b50-53e1c0dee2d9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3947521-d50c-47e0-88c3-e6616201dad9 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"

"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskhost.exe $(Arg0)
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\system32\igfxEM.exe" -Embedding
/QuitInfo:0000000000000D0C;0000000000000EF0;
C:\Windows\System32\skydrive.exe -Embedding
/loadhooks /Parent:00000000000030f8
taskhost.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\System32\DptfPolicyLpmServiceHelper.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe" AutoRun
"C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
szndesktop.exe default start
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe" -s
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --capture-python --no-identify-client-via-url --database=C:\Users\User\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f 
--https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-59.4.93 --annotation=client_session_id=e08e85ff-7023-4b77-ad57-cb20893a3540 --annotation=host_int_account1_boot=4813439260 --annotation=machine_id=91d8eb91-4bec-4bf1-ad2b-25706ea1b4f1 --annotation=platform=win --annotation=platform_version=8.1 --initial-client-data=0x12c,0x130,0x134,0x128,0x138,0x63c00da4,0x63c00db4,0x63c00dc4
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:e08e85ff-7023-4b77-ad57-cb20893a3540 -target-handle:284 -target-shutdown-event:312 -target-restart-event:296 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.5.4 -method:collectupload -handler-pipe:\\.\pipe\crashpad_12928_XQVESBFLGTXUBFVO
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe" /AutoRun
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.0.1395101058\464772231" -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\User\AppData\LocalLow\Mozilla\Temp-{146ece9f-f852-4c2e-9081-e6294535ebdd}" 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 1188 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.13.1916625288\595218223" -childID 2 -isForBrowser -prefsHandle 1784 -prefsLen 28383 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 1800 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.20.1587621262\447401243" -childID 3 -isForBrowser -prefsHandle 2320 -prefsLen 28383 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 2332 tab
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe" -run
"C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe" /STARTUP
"C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent64.exe"
C:\WINDOWS\system32\WLANExt.exe 365202297248
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" sr
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.48.711789150\1892986388" -childID 7 -isForBrowser -prefsHandle 4860 -prefsLen 32865 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 5680 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.55.742961913\11845759" -childID 8 -isForBrowser -prefsHandle 5604 -prefsLen 32865 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 5212 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="13372.62.719166742\1334904681" -childID 9 -isForBrowser -prefsHandle 5068 -prefsLen 32865 -schedulerPrefs 0001,2 -parentBuildID 20181001155545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 13372 "\\.\pipe\gecko-crash-server-pipe.13372" 3512 tab
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0f51e882-bc0b-4983-937c-faccd1990231 -SystemEventPortName:HostProcess-38d312fc-6955-4564-a8c9-3ff4ee0adfb9 -IoCancelEventPortName:HostProcess-e86f75f4-108b-4cec-821b-7523d517e702 -NonStateChangingEventPortName:HostProcess-efaebe19-a2ca-45af-afb2-a9624b898c1d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a0978326-c1a7-48da-9164-5da2a3a32c9f -DeviceGroupId:WpdFsGroup
"C:\Program Files\Greenshot\Greenshot.exe"
"C:\Program Files (x86)\ABBYY Lingvo x6\LingvoCOMHelper.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=69.0.3497.100 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffe7fb154d0,0x7ffe7fb154e0,0x7ffe7fb154f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10452 --on-initialized-event-handle=468 --parent-handle=472 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1284,13676697011166977672,13458012366165540074,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=5960062827339577795 --mojo-platform-channel-handle=1296 --ignored=" --type=renderer " /prefetch:2
"C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe" --engine=2 --session-id=MRrdhzuPOWjwZMeT6AxWDiaSh03Y0efS4+pinv/R --registry-suffix=ESET
"c:\users\user\appdata\local\google\chrome\user data\swreporter\30.160.202\software_reporter_tool.exe" --crash-handler "--database=c:\users\user\appdata\local\Google\Software Reporter Tool" --url=https://clients2.google.com/cr/report --annotation=plat=Win32 --annotation=prod=ChromeFoil --annotation=ver=30.160.202 --initial-client-data=0x18c,0x184,0x190,0x188,0x194,0x7ff6620da9e8,0x7ff6620da9f8,0x7ff6620daa08
"c:\users\user\appdata\local\google\chrome\user data\swreporter\30.160.202\software_reporter_tool.exe" --use-crash-handler-with-id="\\.\pipe\crashpad_11268_ZZTFNXRZLMJHOIOV" --sandboxed-process-id=2 --sandbox-mojo-pipe-token=BFD8A95FAE52E3FE150262016604851D --mojo-platform-channel-handle=412 --engine=2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1284,13676697011166977672,13458012366165540074,131072 --service-pipe-token=3263737729906586214 --lang=ru --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=2.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3263737729906586214 --renderer-client-id=10 --mojo-platform-channel-handle=3220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1284,13676697011166977672,13458012366165540074,131072 --service-pipe-token=11555684652796338107 --lang=ru --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=2.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11555684652796338107 --renderer-client-id=20 --mojo-platform-channel-handle=3096 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1284,13676697011166977672,13458012366165540074,131072 --service-pipe-token=3357235032020462777 --lang=ru --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=2.5 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3357235032020462777 --renderer-client-id=29 --mojo-platform-channel-handle=2884 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe76_ Global\UsGthrCtrlFltPipeMssGthrPipe76 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\User\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Папка назначеных зданий======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Attachments
2018-10-12 23_28_55-essssssssssssset - Word.jpg (41.03 KiB) Viewed 4480 times

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

korkis
Exemplary visitor
Posts: 157
Registered: 16 Sep 2007 14:37

Re: slowed-down laptop

#3 Post by korkis »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-13-2018
# Duration: 00:00:02
# OS: Windows 8.1 Single Language
# Cleaned: 39
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\Users\User\AppData\Local\Nichrome

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\VisualDiscovery.ini
Deleted C:\Windows\System32\VisualDiscoveryOff.ini
Deleted C:\Windows\SysWOW64\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted HKLM\Software\Wow6432Node\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5051 octets] - [13/10/2018 18:30:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#4 Post by Rudy »


korkis
Exemplary visitor
Posts: 157
Registered: 16 Sep 2007 14:37

Re: slowed-down laptop

#5 Post by korkis »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by User (administrator) on LENOVO-PC (13-10-2018 19:45:05)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Single Language (Update) (X64) Language: Русский (Россия)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\Lingvo\16.0\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Sage (UK) Ltd.) C:\Program Files (x86)\Sage\AccountsServiceV24\sg50CtrlSvc_v24.exe
(Sage (UK) Ltd.) C:\Program Files (x86)\Sage\AccountsServiceV24\sg50svc_v24.exe
(Microsoft) C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Sage UK Limited) C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe
(Sage (UK) Limited) C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
() C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(ABBYY) C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe
(ABBYY) C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-30] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-08-30] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-30] (Lenovo(beijing) Limited)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [540672 2015-04-19] (Greenshot)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-09-21] (ESET)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3784512 2018-10-09] (Dropbox, Inc.)
HKLM-x32\...\Run: [Lingvo Launcher] => C:\Program Files (x86)\ABBYY Lingvo x6\LvAgent.exe [773512 2014-11-25] (ABBYY)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [HW_OPENEYE_OUC_MegaFon | Modem] => "C:\Program Files (x86)\MegaFon Modem\UpdateDog\ouc.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi.exe [62816 2011-04-20] ()
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {03fa1958-a598-11e5-8283-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {26c9e3b4-350d-11e5-825b-28b2bd4e1d98} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {39fc2e68-0d0e-11e6-8297-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f40cd-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f42fe-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913721-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913757-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8412b1e4-eca4-11e7-82d6-28b2bd4e1d98} - "F:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8b711e56-0811-11e7-82ae-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0d810-e770-11e7-82d6-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0f229-e770-11e7-82d6-28b2bd4e1d98} - "G:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {9065f563-59a9-11e7-82bb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {b8e11b6c-a599-11e5-8284-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f53b-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f551-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {d6e06fdf-f6d1-11e6-82ad-28b2bd4e1d98} - "E:\AutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-30]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-10-05]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-07-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{262C7014-838A-4A00-8943-A22692A760C0}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{674585E2-6DB3-46E0-88DD-9022875695F0}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{DF763CD4-2C62-480C-88BC-BD73740C47AC}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2261464
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {16BE8AE9-90EB-414C-8E02-8228D8FF4072} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {3D4598C0-844F-4714-814E-9B475B804867} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {67988789-4935-4DDE-8AA0-86F70C52714E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {795564A3-B758-4504-A796-BE2E885D3F29} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2261464
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {8F304FA2-CD41-4A6A-8676-17EA69084A58} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {9D845832-CD82-46EF-9C4B-113CD5885147} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {B6BE0CC7-F890-4849-A63E-0D3D960B6A40} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {D798CA1E-89A6-4420-BFA9-F39A9938FE48} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {E72989D1-7BD1-4520-8491-6D8F838BE8E5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-03-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://kaplanprofessional.webex.com/client/WBXclient-31.14.3-30/nbr/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552 [2018-10-13]
FF Homepage: Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552 -> hxxps://www.mozilla.org/en-GB/firefox/new/?utm_ ... m=referral
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-20] [Legacy]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-08-10]
FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2018-01-18]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2018-09-10]
FF Extension: (Telemetry coverage) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bgn6i82o.default-1444330943552\features\{22c73728-61fe-4790-be58-b5fa9fe601d6}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-12] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40620.0\npctrl.dll [2015-06-19] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll [2015-06-19] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-06] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html", Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-10-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-10-13]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-10-13]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-08-21]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-11]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-13]
CHR HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (SaveFrom.net helper) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2015-08-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.Lingvo.Desktop.16.0; C:\Program Files (x86)\Common Files\ABBYY\Lingvo\16.0\Licensing\NetworkLicenseServer.exe [1045712 2014-10-02] (ABBYY Production LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677088 2018-09-29] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-21] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-21] (ESET)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [282096 2014-04-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-30] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-30] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 Sage 50 Accounts Control v24; C:\Program Files (x86)\Sage\AccountsServiceV24\sg50CtrlSvc_v24.exe [2707456 2017-08-11] (Sage (UK) Ltd.) [File not signed]
R2 Sage 50 Accounts Service v24; C:\Program Files (x86)\Sage\AccountsServiceV24\sg50svc_v24.exe [4506624 2017-08-11] (Sage (UK) Ltd.) [File not signed]
R2 Sage AutoUpdate Manager Service; C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2013-06-04] (Microsoft) [File not signed]
R2 Sage AutoUpdate Manager Service v2; C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe [8192 2016-10-26] (Sage UK Limited) [File not signed]
R2 Sage SData Service; C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [43008 2017-06-30] (Sage (UK) Limited) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-08-30] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\WINDOWS\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 btmaux; C:\WINDOWS\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-21] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109232 2018-09-21] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-21] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-09-21] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-09-21] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-21] (ESET)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SensorsServiceDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-29] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [1527712 2013-12-31] (Sunplus)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-13 19:45 - 2018-10-13 19:45 - 000032926 _____ C:\Users\User\Desktop\FRST.txt
2018-10-13 19:45 - 2018-10-13 19:45 - 000000000 ____D C:\FRST
2018-10-13 19:43 - 2018-10-13 19:43 - 002414592 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2018-10-13 18:29 - 2018-10-13 18:31 - 000000000 ____D C:\AdwCleaner
2018-10-13 18:24 - 2018-10-13 18:24 - 007592144 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_7.2.4.0.exe
2018-10-13 10:14 - 2018-10-13 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-10-12 23:11 - 2018-10-12 23:12 - 000000000 ____D C:\rsit
2018-10-12 23:11 - 2018-10-12 23:12 - 000000000 ____D C:\Program Files\trend micro
2018-10-12 23:10 - 2018-10-12 23:10 - 001222144 _____ C:\Users\User\Desktop\RSITx64.exe
2018-10-12 00:13 - 2018-10-12 00:27 - 000000000 ____D C:\Users\User\Desktop\Advanced Excel Exercises
2018-10-12 00:10 - 2018-10-12 00:13 - 000066349 _____ C:\Users\User\Desktop\Advanced excel slides.pptx
2018-10-10 23:39 - 2018-10-10 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-09 12:53 - 2018-10-09 12:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-10-04 10:06 - 2018-10-04 10:06 - 000406379 _____ C:\Users\User\Downloads\Scan 4 Oct 2018.pdf
2018-09-30 18:37 - 2018-09-30 18:37 - 001938786 _____ C:\Users\User\Downloads\Karel Korytak PRC.pdf
2018-09-30 18:33 - 2018-09-30 18:33 - 000859568 _____ C:\Users\User\Downloads\For Ekaterina to sign.pdf
2018-09-30 18:33 - 2018-09-30 18:33 - 000607668 _____ C:\Users\User\Downloads\For Karel to sign.pdf
2018-09-23 19:39 - 2018-09-23 19:39 - 000257104 _____ C:\Users\User\Downloads\d5e9f49c189eb8600e848fc87c7667cb.pdf
2018-09-23 19:38 - 2018-09-23 19:38 - 000257085 _____ C:\Users\User\Downloads\760175ebe7ff5e42f8679cfbd15df515.pdf
2018-09-23 15:33 - 2018-10-11 21:23 - 000000000 ____D C:\Users\User\Documents\ГОЛОС
2018-09-21 09:27 - 2018-09-21 09:27 - 000001930 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2018-09-21 09:26 - 2018-09-21 09:26 - 000000000 ____D C:\Users\Все пользователи\ESET
2018-09-21 09:26 - 2018-09-21 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-09-21 09:26 - 2018-09-21 09:26 - 000000000 ____D C:\ProgramData\ESET
2018-09-21 09:26 - 2018-09-21 09:26 - 000000000 ____D C:\Program Files\ESET
2018-09-14 07:57 - 2018-09-14 07:57 - 008053271 _____ C:\Users\User\Documents\Skills – Self Development [Autosaved].pptx
2018-09-13 10:48 - 2018-09-13 10:59 - 719049788 _____ C:\Users\User\Downloads\split_1509905436.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-13 19:44 - 2014-08-31 08:45 - 000797718 _____ C:\WINDOWS\system32\perfh019.dat
2018-10-13 19:44 - 2014-08-31 08:45 - 000165046 _____ C:\WINDOWS\system32\perfc019.dat
2018-10-13 19:44 - 2014-03-18 10:53 - 001811630 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-13 19:44 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-10-13 19:42 - 2017-06-24 11:32 - 000000000 ____D C:\Users\User\AppData\Roaming\Seznam.cz
2018-10-13 19:42 - 2015-07-18 15:46 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3240854412-3608332257-3228819990-1001
2018-10-13 18:35 - 2015-07-18 15:48 - 000003948 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4EEA4EF6-FA22-47B2-8B67-5D2787C05E39}
2018-10-13 18:32 - 2015-07-22 17:46 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2018-10-13 18:31 - 2016-11-18 15:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-13 18:31 - 2015-12-13 15:28 - 000001112 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-13 18:31 - 2015-08-23 09:28 - 000000000 ___RD C:\Users\User\OneDrive
2018-10-13 18:31 - 2015-07-18 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-13 18:31 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-13 18:31 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-10-13 12:04 - 2015-12-13 15:28 - 000001116 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-13 10:15 - 2013-08-22 16:36 - 000000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
2018-10-13 10:15 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-13 10:14 - 2018-09-07 08:07 - 000002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-13 10:14 - 2016-01-30 23:17 - 000002357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-13 10:13 - 2015-08-17 20:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-13 08:52 - 2016-11-24 07:53 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-10-12 23:30 - 2015-09-27 20:03 - 000000000 ____D C:\FFOutput
2018-10-12 09:13 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-10-12 00:32 - 2018-02-10 15:11 - 000000000 ____D C:\Users\User\Documents\SELF-DEVELOPMENT
2018-10-12 00:32 - 2015-07-18 15:41 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2018-10-10 23:42 - 2015-07-18 16:15 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-10 23:41 - 2015-07-18 16:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-10 23:39 - 2015-12-13 15:28 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-10 08:34 - 2018-03-13 15:41 - 000004528 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-10 08:34 - 2015-10-24 13:49 - 000004354 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-10 08:34 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-10 08:34 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 08:03 - 2015-07-23 23:38 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-10-07 11:30 - 2015-12-13 11:04 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2018-10-06 10:59 - 2015-10-03 15:16 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-30 22:43 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-30 20:28 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-23 14:52 - 2018-02-10 15:14 - 000000000 ____D C:\Users\User\Documents\PLANNING
2018-09-23 12:47 - 2017-07-19 06:21 - 000003172 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3240854412-3608332257-3228819990-1001
2018-09-23 12:46 - 2016-04-18 18:54 - 000002358 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk
2018-09-21 21:59 - 2015-12-13 15:28 - 000004088 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-21 21:59 - 2015-12-13 15:28 - 000003852 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-21 09:27 - 2017-04-25 13:19 - 000188824 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-09-21 09:27 - 2017-04-25 13:19 - 000141512 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-09-21 09:27 - 2017-04-25 13:19 - 000109864 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-09-21 09:27 - 2017-04-25 13:19 - 000109232 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-09-21 09:27 - 2017-04-25 13:19 - 000082304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-09-21 09:27 - 2017-04-25 13:19 - 000050144 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-09-18 20:07 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-18 19:55 - 2015-07-18 16:01 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 19:55 - 2015-07-18 16:01 - 000002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-07-26 14:06 - 2015-07-26 14:06 - 000000917 _____ () C:\Users\User\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
2018-10-11 08:29 - 2018-10-11 08:31 - 066971904 _____ (Free Time Co., Ltd) C:\Users\User\AppData\Local\Temp\FFSetup4.4.0.0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-13 10:15

==================== End of FRST.txt ============================

Re: slow laptop

#6 Post by korkis »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by User (13-10-2018 19:45:33)
Running from C:\Users\User\Desktop
Windows 8.1 Single Language (Update) (X64) (2015-07-18 14:40:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

User (S-1-5-21-3240854412-3608332257-3228819990-1001 - Administrator - Enabled) => C:\Users\User
Администратор (S-1-5-21-3240854412-3608332257-3228819990-500 - Administrator - Disabled)
Гость (S-1-5-21-3240854412-3608332257-3228819990-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{430971B1-C31E-45DA-81E0-72C095BAB72C}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_SharePointDesigner_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SharePointDesigner_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_SharePointDesigner_{FAD8A83E-9BAC-4179-9268-A35948034D85}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{FAD8A83E-9BAC-4179-9268-A35948034D85}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_SharePointDesigner_{FAD8A83E-9BAC-4179-9268-A35948034D85}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_SharePointDesigner_{FAD8A83E-9BAC-4179-9268-A35948034D85}) (Version: - Microsoft) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY Lingvo x6 (HKLM-x32\...\{A1600000-0000-0000-0000-074957833700}) (Version: 16.0.89 - ABBYY)
Adobe Acrobat Reader DC - Russian (HKLM-x32\...\{AC76BA86-7AD7-1049-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Connect (HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\Adobe Connect App) (Version: 11.9.985.57 - Adobe Systems Inc.)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1497, 15.07.2015 - AIMP DevTeam)
Anki (HKLM-x32\...\Anki) (Version: - )
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
BwgBurn Version 0.7.0 (HKLM-x32\...\{52512614-1026-4E91-8208-FA9B80B62C1A}) (Version: 0.7.0 - BwgSoftware)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - Название организации) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Evernote v. 5.9.9 (HKLM-x32\...\{CC4235DA-F2CA-11E5-8B13-005056951CAD}) (Version: 5.9.9.9915 - Evernote Corp.)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\{879FC63D-310A-3526-B4F4-D7139F94D7A6}) (Version: 69.0.3497.100 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{195C6F66-0397-40C0-AFA8-6742F5D0088D}) (Version: 4.2.41.2633 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.43 - SunplusIT)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Motion Control (HKLM-x32\...\{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10827.20150 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{37180755-CA2B-40AD-9637-89FB0CE7CB36}) (Version: - Microsoft)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40620.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 62.0.3 (x64 en-GB) (HKLM\...\Mozilla Firefox 62.0.3 (x64 en-GB)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Mozilla Thunderbird 38.1.0 (x86 ru) (HKLM-x32\...\Mozilla Thunderbird 38.1.0 (x86 ru)) (Version: 38.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10827.20150 - Microsoft Corporation) Hidden
Payroll for Windows (HKLM-x32\...\{2CE1F603-8789-477F-90AE-B14688BBE2FE}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{6767B4D5-15A3-4BF8-9DCD-C5C90E962C57}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{7C49ECA8-4089-4C67-B7A3-4F142E6448CE}) (Version: 20.01 - Sage (UK) Limited) Hidden
qBittorrent 3.2.1 (HKLM-x32\...\qBittorrent) (Version: 3.2.1 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Sage 50 Accounts (HKLM-x32\...\{75da8592-b395-4d98-8196-3be12aacc384}) (Version: 24.0.68.0 - Sage (UK) Ltd.)
Sage 50 Accounts (HKLM-x32\...\{7ECBAB60-486B-4CE6-A727-05B0149B3DDC}) (Version: 24.0.68.0 - Sage (UK) Ltd) Hidden
Sage 50 Accounts Data Access Components (HKLM-x32\...\{D59AB1C7-AE84-44BF-AF19-EFCFA87D6DD1}) (Version: 24.0.68.0 - Sage (UK) Ltd) Hidden
Sage 50 Accounts ODBC 64 bit (HKLM\...\{2F117DD5-6206-436D-8154-94CF4A44F3A7}) (Version: 24.0.68.0 - Sage (UK) Ltd) Hidden
Sage 50 Accounts Report Pack (HKLM-x32\...\{48BD7141-1008-4FFF-952B-4B3D99A76175}) (Version: 24.0.68.0 - Sage (UK) Ltd) Hidden
Seznam Software (HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
XMind 8 Update 6 (v3.7.6) (HKLM-x32\...\XMind_is1) (Version: 3.7.6.201711210129 - XMind Ltd.)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)
Пакет драйверов Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Пакет драйверов Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Программное обеспечение Intel® PROSet/Wireless (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Руководства пользователя (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001_Classes\CLSID\{683F0EBB-E4DC-D653-A1EE-E8E1A0FBD050}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-07-18] (AIMP DevTeam)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-21] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-21] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-07-18] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-21] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A544C8F-2345-4BF3-B962-CEAD513BC5D7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-13] (Microsoft Corporation)
Task: {1DED3851-55AD-496E-BF02-CEC6A089160C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {23F6057A-C8B2-44A3-AFB9-C58837D86BF4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {28A8BC9B-373E-425A-BC5A-D4AC42C47F84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {2EFDA1C5-C3E4-4463-AC0E-64428EF25C83} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-30] (Lenovo)
Task: {4F174552-05A9-49AD-824B-16279C48960E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {544FC4A5-2A1E-4662-989E-0832BD410327} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {5BD0666B-D571-4CC7-A636-54863C306026} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {6E7067D5-5070-4DA8-AF9E-1E28AE2E5CFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {71B68687-CB9D-488D-A12F-FF9502A58935} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-29] (Synaptics Incorporated)
Task: {8101A65F-C37B-41E0-9802-260D035D4112} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {8CD2A55B-2BD2-4D4F-8372-BE4F30F51947} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {924377AD-903D-4B67-94B3-EBDA0177EEF8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {9FDF2D85-59A8-4672-AF06-69C4F8517C2D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-13] (Microsoft Corporation)
Task: {A858137A-D38E-40EA-AB29-6F2BAAACBA69} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {B5B7CE89-2D8C-4827-9904-064E9E6565DB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-13] (Microsoft Corporation)
Task: {C9273CE1-5945-4DAC-9DA0-A6447D45189B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {CDA14F94-B26C-47BA-8C47-8EE2C30441C8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-13] (Microsoft Corporation)
Task: {DCA2300E-9659-4170-95E7-6CB4AE5C9AC1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {E3FAC89D-59C3-4268-BBC8-66D9AF48D926} - System32\Tasks\Sage.Global.Services.OverDrive.Core#Housekeeping => C:\Program Files (x86)\Common Files\Sage Data Exchange\Sage.Data.Exchange.Client.exe [2017-04-26] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\User\Documents\CFA\Документы - Ярлык.lnk -> C:\Users\User\Documents () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2011-03-14 16:27 - 2011-03-14 16:27 - 000346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-11-07 14:12 - 2013-11-07 14:12 - 000198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 14:12 - 2013-11-07 14:12 - 000054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 14:12 - 2013-11-07 14:12 - 000034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-30 21:30 - 2012-04-24 11:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-30 21:30 - 2014-08-30 21:30 - 000062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-30 21:28 - 2014-01-06 12:14 - 000019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2018-04-08 09:15 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\31268libfoxloader-x64.dll
2014-08-30 21:30 - 2014-08-30 21:30 - 000294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-08-30 21:30 - 2014-08-30 21:30 - 000108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-08-30 16:34 - 2014-03-07 02:21 - 000080312 _____ () C:\WINDOWS\system32\igfxexps.dll
2015-03-13 14:54 - 2015-03-13 14:54 - 000053248 _____ () C:\Program Files\CCleaner\lang\lang-1049.dll
2017-06-24 11:32 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-06-24 11:32 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-12-29 13:25 - 2017-12-29 13:25 - 000291840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\ee5a27c41be0ca413ad543daa66d413f\Windows.Globalization.ni.dll
2018-05-23 20:43 - 2018-05-23 20:43 - 001027072 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\35f50eb36795cefd0755fc9902fbd5b2\Windows.Networking.ni.dll
2018-03-26 20:32 - 2018-03-26 20:32 - 000284160 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\8249db0bc98bdd98d06f387fa673bc22\Windows.Foundation.ni.dll
2018-09-18 19:55 - 2018-09-15 09:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 19:55 - 2018-09-15 09:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2014-02-24 13:39 - 2014-02-24 13:39 - 000013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2017-08-11 17:17 - 2017-08-11 17:17 - 000121856 _____ () C:\Program Files (x86)\Sage\AccountsServiceV24\OfficeAdapterLib.dll
2014-08-30 21:30 - 2014-08-30 21:30 - 000102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
2014-08-30 21:30 - 2014-08-30 21:30 - 000101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2017-11-22 21:33 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\24257libfoxloader.dll
2017-06-24 11:32 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-03-25 15:36 - 2016-03-25 15:36 - 000439480 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2016-03-25 15:36 - 2016-03-25 15:36 - 000321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2018-10-10 23:39 - 2018-10-09 12:53 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-10-10 23:39 - 2018-10-09 12:53 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-10 07:57 - 2018-10-09 12:58 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:53 - 000117720 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-10 07:57 - 2018-10-09 12:53 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:53 - 000418264 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-05-10 07:57 - 2018-10-09 12:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:55 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000118760 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:53 - 000023704 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000064992 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000032408 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:57 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-02 08:21 - 2018-10-09 12:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:53 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:57 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:53 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-10 07:57 - 2018-10-09 12:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-10 07:57 - 2018-10-09 12:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-10-10 23:39 - 2018-10-09 12:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-10 07:57 - 2018-10-09 12:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-09-12 09:01 - 2018-10-09 12:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-05-10 07:57 - 2018-10-09 12:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-10-10 23:39 - 2018-10-09 12:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2014-08-30 21:30 - 2014-08-30 21:30 - 000101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-08-30 21:04 - 2013-08-08 21:25 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\keysurvey2.com -> sage.keysurvey2.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-06-23 19:51 - 000000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7EB5647C-000F-4B6B-8E57-2FEA6DFE678B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8651BF9C-1101-47C8-B2AA-98C274932143}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{451492D0-0AA9-430D-8E4E-775F126564A2}] => (Allow) LPort=55100
FirewallRules: [{0FAFA4E4-90D1-4F5A-ABDF-E19BD4FB6D8D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{B428294C-BC2C-4694-9331-7ABD1CB4077F}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{D1AEB5F4-35BC-4CFF-BD3B-866417A27AC4}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{227A60D7-4D91-4C95-A659-E28210CCAE41}] => (Allow) LPort=1688
FirewallRules: [{9B2A5E7D-4F43-40DB-9343-D5693CE9A8D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{41868B10-9183-4D8C-99D6-4ABB36F7A089}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{097CCF42-62F7-41B9-B087-22D582F125FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF6BCBD8-B94E-4F33-8BB4-A40081A73A47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B64F6C6-DB63-4965-A393-564D1C6389E6}] => (Allow) C:\Program Files (x86)\Sage\AccountsServiceV24\sg50svc_v24.exe
FirewallRules: [{51E60566-94E0-4940-9AE2-E005DAB2C259}] => (Allow) C:\Program Files (x86)\Sage\AccountsServiceV24\sg50CtrlSvc_v24.exe
FirewallRules: [{E96D411A-F10D-4EC1-9088-0FDBF24C4C4D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B03B25AA-BB78-4939-98BE-F8F287CE6A7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F618FAB1-BE81-42A2-9A18-CDD8B7D03CE7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

05-10-2018 19:07:21 Запланированная контрольная точка
13-10-2018 10:12:47 Запланированная контрольная точка

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2018 06:32:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 06:32:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 06:24:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 06:23:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 10:14:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 10:14:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 10:13:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Не удалось создать контекст архивации для "D:\Audacity\audacity.exe". Ошибка в файле манифеста или политики "" в строке .
Версия компонента, требуемая для приложения, конфликтует с другой, уже активной версией.
Конфликтующие компоненты:
Компонент 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Компонент 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (10/13/2018 09:33:50 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (10/13/2018 06:31:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Модуль расширяемости беспроводной сети неожиданно прекратил работу.

Путь к модулю: C:\WINDOWS\System32\IWMSSvc.dll

Error: (10/13/2018 06:31:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Модуль расширяемости беспроводной сети неожиданно прекратил работу.

Путь к модулю: C:\WINDOWS\System32\IWMSSvc.dll

Error: (10/13/2018 06:31:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Модуль расширяемости беспроводной сети неожиданно прекратил работу.

Путь к модулю: C:\WINDOWS\System32\IWMSSvc.dll

Error: (10/13/2018 06:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "Intel(R) PROSet/Wireless Zero Configuration Service" неожиданно прервана. Это произошло (раз): 1.

Error: (10/13/2018 06:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "ymc" неожиданно прервана. Это произошло (раз): 1.

Error: (10/13/2018 06:31:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Служба Microsoft Office ClickToRun Service была неожиданно завершена. Это произошло 1 раз(а). Следующее корректирующее действие будет предпринято через 0 мсек: Перезапуск службы.

Error: (10/13/2018 06:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "Sage SData Service" неожиданно прервана. Это произошло (раз): 1.

Error: (10/13/2018 06:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Служба "YogaPicks.AppService" неожиданно прервана. Это произошло (раз): 1.


Windows Defender:
===================================
Date: 2017-06-23 19:30:15.822
Description:
Проверка, выполняемая Защитник Windows, была остановлена до полного завершения.
ИД проверки: {3617D4CE-CD4B-4625-B167-5DAB3C1E2903}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА

Date: 2017-06-23 07:37:17.802
Description:
Проверка, выполняемая Защитник Windows, была остановлена до полного завершения.
ИД проверки: {96F96CA4-6D00-4373-9E7B-82B968821321}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА

Date: 2017-06-23 07:09:50.893
Description:
Проверка, выполняемая Защитник Windows, была остановлена до полного завершения.
ИД проверки: {3336D3A3-85F8-4BC0-B149-4DAC7C7540E1}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА

Date: 2017-06-21 07:12:41.047
Description:
Проверка, выполняемая Защитник Windows, была остановлена до полного завершения.
ИД проверки: {37E1F6BF-D531-4D80-9054-18A497740909}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА

Date: 2017-06-18 09:47:17.429
Description:
Проверка, выполняемая Защитник Windows, была остановлена до полного завершения.
ИД проверки: {8678D9DD-5140-4029-AC13-7B53AB1F0C26}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА

Date: 2016-06-07 12:06:38.766
Description:
При проверке, выполняемой Защитник Windows, произошла ошибка, что привело к завершению проверки.
ИД проверки: {947D1F66-F73D-4D5E-90DD-C2427765EA5D}
Тип проверки: Антивредоносная программа
Параметры проверки: Быстрая проверка
Пользователь: NT AUTHORITY\СИСТЕМА
Код ошибки: 0x8050800d
Описание ошибки: Не удается отобразить некоторые записи журнала. Повторите попытку через несколько минут. Если это не поможет, очистите журнал и вновь повторите попытку.

CodeIntegrity:
===================================

Date: 2017-06-23 19:53:21.206
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-23 19:53:21.150
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-23 19:53:21.088
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-23 19:53:21.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-23 19:53:20.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-04 19:00:20.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-04 19:00:20.539
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-04 19:00:20.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 70%
Total physical RAM: 4008.27 MB
Available physical RAM: 1171.91 MB
Total Virtual: 8016.55 MB
Available Virtual: 4343.04 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:197.15 GB) (Free:11.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.42 GB) NTFS
Drive i: (HD710 PRO) (Fixed) (Total:931.28 GB) (Free:158.17 GB) FAT32

\\?\Volume{538024ee-d72d-4951-b1ff-f60beaff73c8}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.69 GB) NTFS
\\?\Volume{8b1f7b10-04eb-435e-9b4f-d624459484ff}\ (PBR_DRV) (Fixed) (Total:13.99 GB) (Free:4.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 48802735)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0E6E31F4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {28A8BC9B-373E-425A-BC5A-D4AC42C47F84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {5BD0666B-D571-4CC7-A636-54863C306026} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {A858137A-D38E-40EA-AB29-6F2BAAACBA69} - \AutoPico Daily Restart -> No File <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {03fa1958-a598-11e5-8283-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {26c9e3b4-350d-11e5-825b-28b2bd4e1d98} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {39fc2e68-0d0e-11e6-8297-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f40cd-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f42fe-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913721-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913757-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8412b1e4-eca4-11e7-82d6-28b2bd4e1d98} - "F:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8b711e56-0811-11e7-82ae-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0d810-e770-11e7-82d6-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0f229-e770-11e7-82d6-28b2bd4e1d98} - "G:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {9065f563-59a9-11e7-82bb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {b8e11b6c-a599-11e5-8284-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f53b-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f551-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {d6e06fdf-f6d1-11e6-82ad-28b2bd4e1d98} - "E:\AutoRun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2261464
C:\Users\User\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the operation finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

korkis
Model Visitor
Posts: 157
Registered: 16 Sep 2007 14:37

Re: slowed-down laptop

#8 Post by korkis »

here we go

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by User (13-10-2018 20:34:28) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {28A8BC9B-373E-425A-BC5A-D4AC42C47F84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {5BD0666B-D571-4CC7-A636-54863C306026} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-18] (Google Inc.)
Task: {A858137A-D38E-40EA-AB29-6F2BAAACBA69} - \AutoPico Daily Restart -> No File <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {03fa1958-a598-11e5-8283-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {26c9e3b4-350d-11e5-825b-28b2bd4e1d98} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {39fc2e68-0d0e-11e6-8297-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f40cd-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {718f42fe-a050-11e8-82eb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913721-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {79913757-0815-11e7-82b1-28b2bd4e1d94} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8412b1e4-eca4-11e7-82d6-28b2bd4e1d98} - "F:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8b711e56-0811-11e7-82ae-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0d810-e770-11e7-82d6-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {8cf0f229-e770-11e7-82d6-28b2bd4e1d98} - "G:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {9065f563-59a9-11e7-82bb-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {b8e11b6c-a599-11e5-8284-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f53b-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {cb40f551-2d5a-11e5-825a-28b2bd4e1d98} - "E:\AutoRun.exe"
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\...\MountPoints2: {d6e06fdf-f6d1-11e6-82ad-28b2bd4e1d98} - "E:\AutoRun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3240854412-3608332257-3228819990-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2261464
C:\Users\User\AppData\Local\Temp

EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28A8BC9B-373E-425A-BC5A-D4AC42C47F84}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28A8BC9B-373E-425A-BC5A-D4AC42C47F84}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BD0666B-D571-4CC7-A636-54863C306026}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BD0666B-D571-4CC7-A636-54863C306026}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A858137A-D38E-40EA-AB29-6F2BAAACBA69}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A858137A-D38E-40EA-AB29-6F2BAAACBA69}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03fa1958-a598-11e5-8283-28b2bd4e1d94} => removed successfully
HKLM\Software\Classes\CLSID\{03fa1958-a598-11e5-8283-28b2bd4e1d94} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{26c9e3b4-350d-11e5-825b-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{26c9e3b4-350d-11e5-825b-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39fc2e68-0d0e-11e6-8297-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{39fc2e68-0d0e-11e6-8297-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{718f40cd-a050-11e8-82eb-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{718f40cd-a050-11e8-82eb-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{718f42fe-a050-11e8-82eb-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{718f42fe-a050-11e8-82eb-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79913721-0815-11e7-82b1-28b2bd4e1d94} => removed successfully
HKLM\Software\Classes\CLSID\{79913721-0815-11e7-82b1-28b2bd4e1d94} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79913757-0815-11e7-82b1-28b2bd4e1d94} => removed successfully
HKLM\Software\Classes\CLSID\{79913757-0815-11e7-82b1-28b2bd4e1d94} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8412b1e4-eca4-11e7-82d6-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{8412b1e4-eca4-11e7-82d6-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8b711e56-0811-11e7-82ae-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{8b711e56-0811-11e7-82ae-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8cf0d810-e770-11e7-82d6-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{8cf0d810-e770-11e7-82d6-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8cf0f229-e770-11e7-82d6-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{8cf0f229-e770-11e7-82d6-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9065f563-59a9-11e7-82bb-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{9065f563-59a9-11e7-82bb-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8e11b6c-a599-11e5-8284-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{b8e11b6c-a599-11e5-8284-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb40f53b-2d5a-11e5-825a-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{cb40f53b-2d5a-11e5-825a-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb40f551-2d5a-11e5-825a-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{cb40f551-2d5a-11e5-825a-28b2bd4e1d98} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6e06fdf-f6d1-11e6-82ad-28b2bd4e1d98} => removed successfully
HKLM\Software\Classes\CLSID\{d6e06fdf-f6d1-11e6-82ad-28b2bd4e1d98} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-3240854412-3608332257-3228819990-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8} => removed successfully
HKLM\Software\Classes\CLSID\{8C3078A0-9AAB-4371-85D1-656CA8E46EE8} => not found
C:\Users\User\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39578159 B
Java, Flash, Steam htmlcache => 3118 B
Windows/system/drivers => 496473481 B
Edge => 0 B
Chrome => 62050049 B
Firefox => 583877270 B
Opera => 196608 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 22196 B
NetworkService => 0 B
User => 69196188 B

RecycleBin => 12718026134 B
EmptyTemp: => 13 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:35:24 ====

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#9 Post by Rudy »

Deleted. Has anything changed?

korkis
Model Visitor
Posts: 157
Registered: 16 Sep 2007 14:37

Re: slowed-down laptop

#10 Post by korkis »

It seems snappier. Are we clean?

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#11 Post by Rudy »

It should be clean.

korkis
Model Visitor
Posts: 157
Registered: 16 Sep 2007 14:37

Re: slowed-down laptop

#12 Post by korkis »

Awesome :) Thanks a lot :| You are STAR :thumbsup:
We can lock it :)

Rudy
Site Admin
Posts: 118197
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#13 Post by Rudy »

You're welcome! :)

Locked