Prosím o kontrolu logu Vyřešeno

[ADA64]

Zdravím a prosím o kontrolu logu.
V Chromu jsem si při stahování souboru z uložiště omylem klikl na stahovací banner reimageplus.com a od té doby se mi samostatně při kliknutí na odkaz otvírají reklamní okna a neustále mě nutí si stáhnout program na opravu PC. Už to tady poměrně přesně popsal janpi. Mimo těchto problémů prohlížeče se ostatní zdá OK. Tak prosím, jestli někdo může pomoci.
Děkuji předem

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:19, on 6.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\JAG\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [VideoDownloaderUltimate] C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IntelModemAuthenticator - Intel Mobile Communications - C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16605 bytes

[Reklama]

[Clorky]

A proč zakládáš 4 stejná témata? Lag to byl asi těžko, když je mezi dobou založení víc, jak minuta. Příště na to dej pozor.

Ltb:// Uživatel psal přes kontaktní formulář, šlo o problém při vkládání nového tématu...po vložení se zobrazí chyba, ale rovněž se uloží i nově zakládané téma - uživatel si tohoto nevšiml... Nicméně ten prvotní problém je v té chybě, kterou zde máme - vyřeší se updatem fóra na vyšší verzi, ten je již v přípravě, díky.

[jerabina]

Ahoj, vítej na fóru PC-HELP!

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[ADA64]

Zdravím, děkuji za reakci a návod, zde jsou výsledky:
1) ATF Cleanar jsem díky Chromu vynechal

2) TFC jsem nechal proběhnout a restartoval

3) AdwCleaner (by Xplode) jsem nechal skenovat a zde je log:

# AdwCleaner v5.119 - Log vytvořen 07/06/2016 v 15:47:49
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-07.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : JAG - JAG-PC
# Spuštěno z : C:\Users\JAG\Desktop\AdwCleaner.exe
# Nastavení : Sken
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

Klíč Nalezeno : HKLM\SOFTWARE\Classes\s
Klíč Nalezeno : HKCU\Software\Link64
Klíč Nalezeno : HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Link64
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]
Hodnota Nalezeno : HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]

***** [ Prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [1218 bytů] - [07/06/2016 15:46:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1139 bytů] - [07/06/2016 15:47:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1212 bytů] ##########

4)Malwarebytes' Anti-Malware jsem nechal aktualizovat a skenovat nyní a zde je výsledek:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 7.6.2016
Čas skenování: 16:02
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.07.04
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: JAG

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 301937
Uplynulý čas: 6 min, 48 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Ještě pro úplnost, používám v Chromu dva profily jeden soukromí a druhý pracovní, nebo přesněji dva uživatele a popisované problémy se děly pouze v tom jednom profilu, kde došlo k tomu ukliknutí se.
Stávající stav po všech doporučených krocích je takový, že ty samovolně otevírající okna se sami neotevírají, zřejmě díky Malwarebytes' Anti-Malware protože se neustále objevují hlášky o tom, že program zamezil otevření okna.

[ADA64]

Oprava: profil je samozřejmě soukromý a ne soukromí
Sorry

[jerabina]

V pořádku, jsem zvyklý i na horší pravopisné prasárny a jedna gramatická chyba většinou nezkazí dojem z celého příspěvku napsaného gramaticky správně a navíc tady nejsme na češtinářském fóru, ale na fóru, kde se zabýváme počítači, takže to tady zase tolik neřešíme
I když nemůžu říct, že by nebylo krásné, když by všichni psali alespoň z poloviny tak gramaticky/typograficky správně jako ty...

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[ADA64]

Zdravím a omlouvám se opožděnou reakci, měl jsem nějaké časově vypjaté období a víkend "digitálního klidu" a teď výsledky:
1) Spuštěn AdwCleaner jako správce a zde výsledek:

# AdwCleaner v5.119 - Log vytvořen 13/06/2016 v 10:36:47
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-12.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : JAG - JAG-PC
# Spuštěno z : C:\Users\JAG\Desktop\AdwCleaner.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\s
[-] Klíč Smazáno : HKCU\Software\Link64
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]
[#] Hodnota Smazáno : HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Run [VideoDownloaderUltimate]

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1104 bytů] - [13/06/2016 10:36:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [1218 bytů] - [07/06/2016 15:46:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1291 bytů] - [07/06/2016 15:47:49]
C:\AdwCleaner\AdwCleaner[S3].txt - [1364 bytů] - [09/06/2016 17:15:57]
C:\AdwCleaner\AdwCleaner[S4].txt - [1437 bytů] - [09/06/2016 18:21:30]
C:\AdwCleaner\AdwCleaner[S5].txt - [1510 bytů] - [09/06/2016 18:22:07]
C:\AdwCleaner\AdwCleaner[S6].txt - [1589 bytů] - [09/06/2016 18:24:58]
C:\AdwCleaner\AdwCleaner[S7].txt - [1656 bytů] - [13/06/2016 10:33:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1688 bytů] ##########

2) Deaktivován antivir a spuštěn JRT jako správce a zde výsledek:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64
Ran by JAG (Administrator) on po 13.06.2016 at 10:54:41,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 8

Successfully deleted: C:\Users\JAG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81NF2KWP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\JAG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSF23IFN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\JAG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PMBGCX1T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\JAG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W3CTLQ31 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81NF2KWP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSF23IFN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PMBGCX1T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W3CTLQ31 (Temporary Internet Files Folder)



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.06.2016 at 10:56:17,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3)Spuštěn RogueKillerx64 jako správce a zde je výsledek:

RogueKiller V12.3.2.0 (x64) [Jun 6 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : JAG [Práva správce]
Started from : C:\Users\JAG\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 06/13/2016 11:14:49

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13-comm.msn.com/?pc=LNJB -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13-comm.msn.com/?pc=LNJB -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.254 10.0.0.8 ([][]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.254 10.0.0.8 ([][]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.254 10.0.0.8 ([][]) -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG MZ7LN512HCHP-000 SCSI Disk Device +++++
--- User ---
[MBR] 2c738b87fb33eae8550c86a5775f7bdd
[BSP] ef7b4a85194d4a54aa3f6e4dcec56d19 : Lenovo|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 471064 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 967813120 | Size: 15820 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zatím situace se samootvíráním oken stejná u toho jednoho profilu Chromu.

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech.

[ADA64]

1) Deaktivován antivir a firewall, spuštěn RogueKiller jako správce, následně vymazáno dle návodu a zde je výpis:

RogueKiller V12.3.3.0 (x64) [Jun 13 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : JAG [Práva správce]
Started from : C:\Users\JAG\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 06/14/2016 11:00:26

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13-comm.msn.com/?pc=LNJB -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13-comm.msn.com/?pc=LNJB -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.138 ([]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.138 ([]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BF756B82-3253-49C7-B0CF-FFDBDEF14241} | DhcpNameServer : 10.0.0.254 10.0.0.8 ([][]) -> Nahrazeno ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG MZ7LN512HCHP-000 SCSI Disk Device +++++
--- User ---
[MBR] 2c738b87fb33eae8550c86a5775f7bdd
[BSP] ef7b4a85194d4a54aa3f6e4dcec56d19 : Lenovo|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 471064 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 967813120 | Size: 15820 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


2) Stále vypnutý antivir a firewal, spuštěn Zoek jako správce, dále dle návodu a zde je výpis:

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by JAG on Łt 14.06.2016 at 11:04:05,96.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JAG\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.6.2016 11:05:22 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\firebird deleted successfully
C:\Users\JAG\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\JAG\AppData\Local\EmieSiteList deleted successfully
C:\Users\JAG\AppData\Local\EmieUserList deleted successfully
C:\Users\JAG\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:

Added to C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\JAG\AppData\Roaming\reaper deleted
C:\support deleted
C:\PROGRA~3\Package Cache deleted

==== Orphaned Tasks deleted from Registry ======================

Lenovo\Run TVSU Once deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{FCF36B88-1BBA-487f-B64B-D2E8980A9293}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension" [09.05.2016 14:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default
- Provider for Google Calendar - %ProfilePath%\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lpdfbkehegfmedglgemnhbnpmfmioggj - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Drive App Launcher - JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
ThinkVantage Password Manager - JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj
Video Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc
Options-old - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdokagampppgbnjfdlkfpphniapiiifn
Seznam Lištička - Slovník - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
History 2 - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp
FVD Suggestions - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caoielngcdpgeldnckhponffkiajaobo
Image Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj
Nokia Drop - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ddgankdgamemlpbbfnbdphddncdcmkhf
Tampermonkey - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
AdBlock - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
OneNote Web Clipper - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk
CloudConvert - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk
Google Drive App Launcher - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Simple Bookmarks - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg
MP3 Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pldidnmickidalpaoejffbkgkjfhohoe

==== Chromium Fix ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adamsinline.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adamsinline.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lenovoservices.cz_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lenovoservices.cz_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}"
HKLM\Wow6432Node\SearchScopes\{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JAG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=301 folders=65 140807693 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JAG\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JAG\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc" deleted

==== EOF on Łt 14.06.2016 at 11:19:52,58 ======================


3) Následně spuštěn HiJack a zde je log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:23:20, on 14.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Users\JAG\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IntelModemAuthenticator - Intel Mobile Communications - C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15528 bytes

Stav: v tento moment se problém zdál jako vyřešený, nedocházelo k žádnému samovolnému otvírání oken a Chrom pracoval svižně, načítání stránek bylo daleko rychlejší než předtím, pouze se výrazně prodloužilo samotné načítání Win 7 při restartu i opakovaně nejen po Zoek. Časová prodleva při načítání win od naběhnutí modré uvítací obrazovky do zobrazení přihlášení účtu trvá více jak půl minuty.

Následně jsem všimnul, že jednotlivé profily Chromu nejsou přihlášené do Googlu, no a po přihlášeni obou účtů nastaly ty samé problémy znovu. Pro kompletnost, mám na účtech Googlu nastavenou plnou synchronizaci.

Nevím jestli je to k něčemu, ale zde je ještě log Hijacku po tom přihlášení, protože ten první je ještě před přihlášením Chromu do Googlu.

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\JAG\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IntelModemAuthenticator - Intel Mobile Communications - C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16105 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[ADA64]

1) Fixnuté uvedené položky v HJT dle návodu

2) Vypnutý firewall, antivir a spuštěn jako správce ComboFix a zde je log

ComboFix 16-06-01.01 - JAG 14.06.2016 16:47:07.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.11984.9318 [GMT 2:00]
Spuštěný z: c:\users\JAG\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\JAG\AppData\Local\Temp\_MEI57162\_ctypes.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_elementtree.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_hashlib.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_multiprocessing.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_psutil_windows.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_socket.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_ssl.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\_yappi.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\common.time34.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\hashobjs_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\pyexpat.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\pysqlite2._sqlite.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\python27.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\pythoncom27.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\PyWinTypes27.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\select.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\thumbnails_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\unicodedata.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\usb_ext.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32api.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32com.shell.shell.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32crypt.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32event.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32file.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32gui.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32inet.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32pdh.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32pipe.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32process.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32profile.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32security.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\win32ts.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\windows._lib_cacheinvalidation.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._animate.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._controls_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._core_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._gdi_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._html2.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._misc_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._windows_.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wx._wizard.pyd
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxbase30u_net_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxbase30u_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxmsw30u_adv_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxmsw30u_core_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxmsw30u_html_vc90.dll
c:\users\JAG\AppData\Local\Temp\_MEI57162\wxmsw30u_webview_vc90.dll
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
Q:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-14 do 2016-06-14 )))))))))))))))))))))))))))))))
.
.
2016-06-14 11:10 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{507A6CA7-F25B-4A59-912F-ACC7CE469BD6}\mpengine.dll
2016-06-14 09:22 . 2016-06-14 09:22 -------- d-----w- c:\users\JAG\AppData\Local\GHISLER
2016-06-14 09:21 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-06-14 09:17 . 2016-06-14 09:04 24064 ----a-w- c:\windows\zoek-delete.exe
2016-06-14 09:17 . 2016-06-14 15:57 -------- d-----w- c:\users\JAG\AppData\Local\Temp
2016-06-14 09:04 . 2016-06-14 09:15 -------- d-----w- C:\zoek_backup
2016-06-13 09:08 . 2016-06-14 08:17 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-06-13 09:07 . 2016-06-13 09:35 -------- d-----w- c:\programdata\RogueKiller
2016-06-13 08:45 . 2016-06-03 13:05 1413120 ----a-w- c:\windows\system32\appraiser.dll
2016-06-13 08:45 . 2016-06-06 16:58 41704 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-06-13 08:45 . 2016-06-06 16:50 1204224 ----a-w- c:\windows\system32\aeinv.dll
2016-06-13 08:45 . 2016-05-27 13:06 569856 ----a-w- c:\windows\system32\generaltel.dll
2016-06-13 08:45 . 2016-05-27 13:06 544256 ----a-w- c:\windows\system32\devinv.dll
2016-06-13 08:45 . 2016-05-27 13:06 276480 ----a-w- c:\windows\system32\invagent.dll
2016-06-13 08:45 . 2016-05-27 13:06 265216 ----a-w- c:\windows\system32\centel.dll
2016-06-13 08:45 . 2016-05-22 13:06 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-06-07 13:46 . 2016-06-13 08:41 -------- d-----w- C:\AdwCleaner
2016-06-06 14:42 . 2016-06-14 13:56 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-06 14:42 . 2016-06-06 14:42 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-06-06 14:42 . 2016-06-06 14:42 -------- d-----w- c:\programdata\Malwarebytes
2016-06-06 14:42 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-06-06 14:42 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-06 14:42 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-06 11:27 . 2016-06-06 11:27 -------- d-----w- c:\programdata\GridinSoft
2016-06-06 04:48 . 2016-06-06 04:48 -------- d-----w- c:\program files (x86)\ESET
2016-06-02 17:18 . 2016-06-06 10:23 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-06-02 11:48 . 2016-06-02 11:48 1423512 ----a-w- c:\windows\system32\iglhsip64.dll
2016-06-02 11:48 . 2016-06-02 11:48 1420384 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2016-06-02 11:48 . 2016-06-02 11:48 231320 ----a-w- c:\windows\system32\iglhcp64.dll
2016-06-02 11:48 . 2016-06-02 11:48 194872 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2016-06-02 11:48 . 2016-06-02 11:48 219296 ----a-w- c:\windows\system32\igfxcmrt64.dll
2016-06-02 11:48 . 2016-06-02 11:48 185992 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2016-06-02 11:48 . 2016-06-02 11:48 25148104 ----a-w- c:\windows\system32\igdumdim64.dll
2016-06-02 11:47 . 2016-06-02 11:47 1502024 ----a-w- c:\windows\system32\igdmd64.dll
2016-06-02 11:47 . 2016-06-02 11:47 1154400 ----a-w- c:\windows\SysWow64\igdmd32.dll
2016-06-02 11:47 . 2016-06-02 11:47 18046528 ----a-w- c:\windows\system32\igd11dxva64.dll
2016-06-02 11:46 . 2016-06-02 11:46 17566536 ----a-w- c:\windows\SysWow64\igd11dxva32.dll
2016-06-02 11:46 . 2016-06-02 11:46 8818088 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2016-06-02 11:45 . 2016-06-02 11:45 294048 ----a-w- c:\windows\system32\igd10idpp64.dll
2016-06-02 11:45 . 2016-06-02 11:45 273776 ----a-w- c:\windows\SysWow64\igd10idpp32.dll
2016-06-02 11:40 . 2016-06-02 11:40 617976 ----a-w- c:\windows\system32\MetroIntelGenericUIFramework.dll
2016-06-02 11:38 . 2016-06-02 11:38 323560 ----a-w- c:\windows\system32\igfxEM.exe
2016-06-02 11:37 . 2016-06-02 11:37 10863608 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2016-06-02 11:37 . 2016-06-02 11:37 200696 ----a-w- c:\windows\system32\igdde64.dll
2016-06-02 11:37 . 2016-06-02 11:37 161784 ----a-w- c:\windows\SysWow64\igdde32.dll
2016-06-02 11:37 . 2016-06-02 11:37 434176 ----a-w- c:\windows\system32\igdbcl64.dll
2016-06-02 11:37 . 2016-06-02 11:37 384504 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2016-06-02 11:37 . 2016-06-02 11:37 182776 ----a-w- c:\windows\system32\igdail64.dll
2016-06-02 11:37 . 2016-06-02 11:37 163840 ----a-w- c:\windows\SysWow64\igdail32.dll
2016-06-02 11:37 . 2016-06-02 11:37 7506432 ----a-w- c:\windows\SysWow64\ig8icd32.dll
2016-06-02 11:36 . 2016-06-02 11:36 1050088 ----a-w- c:\windows\system32\Gfxv4_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 1046504 ----a-w- c:\windows\system32\Gfxv2_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 458216 ----a-w- c:\windows\system32\GfxUIEx.exe
2016-06-02 11:36 . 2016-06-02 11:36 348648 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2016-06-02 11:36 . 2016-06-02 11:36 1139704 ----a-w- c:\windows\system32\GfxResources.dll
2016-06-02 11:35 . 2016-06-02 11:35 349160 ----a-w- c:\windows\system32\DPTopologyApp.exe
2016-06-02 11:35 . 2016-06-02 11:35 166376 ----a-w- c:\windows\system32\difx64.exe
2016-06-02 11:32 . 2016-06-02 11:32 9516024 ----a-w- c:\windows\system32\ig8icd64.dll
2016-06-02 11:32 . 2016-06-02 11:32 102904 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2016-06-02 11:11 . 2016-06-02 11:11 6725162 ----a-w- c:\windows\system32\igdclbif.bin
2016-05-30 11:38 . 2016-05-30 11:38 -------- d-----w- c:\users\JAG\AppData\Roaming\IrfanView
2016-05-30 11:38 . 2016-05-30 11:38 -------- d-----w- c:\program files\IrfanView
2016-05-24 13:00 . 2016-05-24 13:00 -------- d-----w- c:\users\JAG\AppData\Roaming\ACD Systems
2016-05-24 13:00 . 2016-05-26 12:00 -------- d-----w- c:\users\JAG\AppData\Local\ACD Systems
2016-05-24 13:00 . 2005-07-22 17:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2016-05-24 12:59 . 2016-05-24 12:59 -------- d-----w- c:\programdata\ACD Systems
2016-05-24 12:59 . 2016-05-24 12:59 -------- d-----w- c:\users\JAG\AppData\Local\Downloaded Installations
2016-05-22 09:49 . 2016-05-11 11:32 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75EC2DD9-A936-47C9-A5DC-80F705D47168}\gapaengine.dll
2016-05-16 08:05 . 2016-04-09 03:52 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-05-16 08:05 . 2016-04-09 04:20 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-02 11:48 . 2015-08-29 12:50 45952 ----a-w- c:\windows\system32\igfxexps.dll
2016-06-02 11:48 . 2015-08-29 12:50 6258544 ----a-w- c:\windows\system32\igdusc64.dll
2016-06-02 11:48 . 2015-09-24 11:48 4932264 ----a-w- c:\windows\SysWow64\igdusc32.dll
2016-06-02 11:47 . 2015-09-24 11:47 24344400 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2016-06-02 11:46 . 2015-08-29 12:50 9624800 ----a-w- c:\windows\system32\igd10iumd64.dll
2016-06-02 11:39 . 2015-08-29 12:50 95232 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2016-06-02 11:39 . 2015-08-29 12:50 91136 ----a-w- c:\windows\system32\OpenCL.DLL
2016-06-02 11:38 . 2015-08-29 12:50 354280 ----a-w- c:\windows\system32\igfxCUIService.exe
2016-05-16 08:07 . 2015-12-10 21:53 139319312 ----a-w- c:\windows\system32\MRT.exe
2016-05-11 11:32 . 2016-04-26 14:10 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2016-04-22 08:24 . 2016-04-22 08:24 88064 ----a-w- c:\windows\system32\ibmpmctl.exe
2016-04-22 08:24 . 2016-04-22 08:24 82240 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys
2016-04-22 08:24 . 2016-04-22 08:24 710144 ----a-w- c:\windows\system32\LPlatSvc.exe
2016-04-22 08:24 . 2016-04-22 08:24 57856 ----a-w- c:\windows\system32\tpinspm.dll
2016-04-22 08:24 . 2016-04-22 08:24 180736 ----a-w- c:\windows\system32\ibmpmsvc.exe
2016-04-22 07:57 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\MpSigStub.exe
2016-04-20 10:03 . 2016-03-17 17:44 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-04-14 04:08 . 2015-08-29 13:00 29512 ----a-w- c:\windows\system32\drivers\DZHDD64.SYS
2016-04-14 04:08 . 2015-08-29 13:00 29008 ----a-w- c:\windows\system32\drivers\TPPWR64V.SYS
2016-04-14 04:08 . 2015-08-29 13:00 2872488 ----a-w- c:\windows\system32\PWMCP64V.cpl
2016-04-14 04:08 . 2015-08-29 13:00 2692776 ------w- c:\windows\PWMBTHLV.EXE
2016-04-12 01:20 . 2016-05-26 11:41 344064 ----a-w- c:\windows\system32\schannel.dll
2016-04-12 01:20 . 2016-05-26 11:41 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-04-12 01:02 . 2016-05-26 11:41 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-04-12 01:02 . 2016-05-26 11:41 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-04-09 06:54 . 2016-05-16 08:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-03-23 14:02 . 2016-04-10 17:40 215040 ----a-w- c:\windows\system32\aepic.dll
2016-03-17 22:56 . 2016-04-18 14:51 2084864 ----a-w- c:\windows\system32\ole32.dll
2016-03-17 22:28 . 2016-04-18 14:51 1414144 ----a-w- c:\windows\SysWow64\ole32.dll
2016-03-17 01:45 . 2016-04-22 18:26 11686560 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65FA54B9-AF26-45FC-970C-48694FA5EAAD}\mpengine.dll
2016-03-16 18:50 . 2016-04-18 14:51 156672 ----a-w- c:\windows\system32\mtxoci.dll
2016-03-16 18:28 . 2016-04-18 14:51 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-03-16 18:28 . 2016-04-18 14:51 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-05-17 53123712]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2016-05-17 23496872]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-04-15 8698584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2014-10-10 136992]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-12-02 296208]
.
c:\users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2015-10-13 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ndisrd;Intel(R) Technology Access Filter Driver;c:\windows\system32\DRIVERS\ndisrfl.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrfl.sys [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 iBtSiva;Intel Bluetooth Service;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe [x]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 lnvDiscoveryWinSvc;lnvDiscoveryWinSvc;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe;c:\program files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [x]
R2 LPlatSvc;Lenovo Platform Service;c:\windows\system32\LPlatSvc.exe;c:\windows\SYSNATIVE\LPlatSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 QuickControlMasterSvc;Lenovo QuickControl Master Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys;c:\windows\SYSNATIVE\DRIVERS\FlashUSB.sys [x]
R3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe;c:\program files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [x]
R3 LenovoProdRegManager;PowerENGAGE Maintenance Service;c:\program files (x86)\Lenovo Registration\EngageService.exe;c:\program files (x86)\Lenovo Registration\EngageService.exe [x]
R3 LSC.Services.SystemService;Lenovo Solution Center System Service;c:\program files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 phidmice;USB Mouse Low Filter WU Driver;c:\windows\system32\DRIVERS\phidmice.sys;c:\windows\SYSNATIVE\DRIVERS\phidmice.sys [x]
R3 pmouself;Mouse Suite WU Driver;c:\windows\system32\DRIVERS\pmouself.sys;c:\windows\SYSNATIVE\DRIVERS\pmouself.sys [x]
R3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 pvendrlf;Mouse Suite I/O WU Driver;c:\windows\system32\DRIVERS\pvendrlf.sys;c:\windows\SYSNATIVE\DRIVERS\pvendrlf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ShareItSvc;ShareItSvc;c:\program files (x86)\Lenovo\SHAREit\Shareit.Service.exe;c:\program files (x86)\Lenovo\SHAREit\Shareit.Service.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 OMNISMI;OMNISMI;c:\windows\SysWOW64\drivers\omnismi.sys;c:\windows\SysWOW64\drivers\omnismi.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [x]
S2 FirmwareUpdaterService;Firmware Updater Service;c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe;c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 IntelModemAuthenticator;IntelModemAuthenticator;c:\program files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe;c:\program files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 PelService;Session Launcher Service;c:\program files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe;c:\program files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [x]
S2 SwiService;Sierra Wireless Service;c:\program files (x86)\Sierra Wireless Inc\Utils\SwiService.exe;c:\program files (x86)\Sierra Wireless Inc\Utils\SwiService.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 valWBFPolicyService;Synaptics FP WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBIMSS;MBIM Selective Suspend 01;c:\windows\system32\Drivers\swinbus01.sys;c:\windows\SYSNATIVE\Drivers\swinbus01.sys [x]
S3 MBIMSSfilter;MBIM Selective Suspend Filter 01;c:\windows\system32\Drivers\swinbus01f.sys;c:\windows\SYSNATIVE\Drivers\swinbus01f.sys [x]
S3 QuickControlService;Lenovo QuickControl Service;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe;c:\program files (x86)\Lenovo\QuickControl\QuickControlService.exe [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 rtsuvc;Integrated Camera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SWMBIM;Sierra Wireless MBIM Service 01;c:\windows\system32\DRIVERS\SWMBIM01.sys;c:\windows\SYSNATIVE\DRIVERS\SWMBIM01.sys [x]
S3 SzCCID;USB SmartCard Reader Driver;c:\windows\system32\DRIVERS\SzCCID.sys;c:\windows\SYSNATIVE\DRIVERS\SzCCID.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-10 05:55 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10 21:37]
.
2016-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10 21:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-05-17 11:26 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2015-09-24 555688]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2015-09-29 296648]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2016-02-19 63656]
"PasswordManager"="c:\program files\Lenovo\Password Manager\password_manager.exe" [2014-10-21 1792800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-HPPQVideo - c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{d5572863-793c-4ec8-872a-43cccc68b948} - c:\programdata\Package Cache\{d5572863-793c-4ec8-872a-43cccc68b948}\Setup.exe
AddRemove-{f5d71765-7cd1-4e68-998f-5b379e725da3} - c:\programdata\Package Cache\{f5d71765-7cd1-4e68-998f-5b379e725da3}\SetupChipset.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files (x86)\Lenovo\QuickControl\QuickControl.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files\Lenovo\Lenovo Solution Center\LSCNotify.exe
c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Celkový čas: 2016-06-14 18:04:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-06-14 16:04
.
Před spuštěním: Volných bajtů: 152 905 510 912
Po spuštění: Volných bajtů: 152 508 014 592
.
- - End Of File - - E1461A3A3FF249B7DE2C09FBAC0256FC
303B1EB094A6B732B37F438A04A34D8F

Stav: po restartu, kdy zůstal vypnutý antivir i firewall se okna v Chromu otvírala samovolně zvesela dál, až jsem z toho byl dost otrávenej, protože tolik se proto udělalo a nic, ale po zapnutí antiviru a firewalu to vypadá, že problém se samovolným otvíráním oken je vyřešen. Je to tak možný?
Jedině co zůstalo je dlouhý nástup OS po restartu, půl minuty než se objeví účet a možnost vložit heslo při přihlašování do sedmiček. (SSD disk)

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\ESET
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.