VIRY.CZ

Tak ještě jednou. Dočistíme podle Addition. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\ChromeHTML: -> <==== ATTENTION
ShellExecuteHooks: No Name - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:008D5C95 [390]
AlternateDataStreams: C:\Users\Iveta\Desktop:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\7zFM.exe.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\desktop (New).ini:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\download.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\FreeTranslator.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HandBrake.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\home.mmw:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HTTrack Website Copier.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView Thumbnails.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Iveta - Chrome.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Microsoft Teams.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Norton Installation Files.lnk:com.dropbox.attrs [13]
AlternateDataStreams: C:\Users\Iveta\Desktop\OmmWriter.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\pravitko.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\projekty_data.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\PSPad.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Přehled nabídek.xlsx.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Původní data aplikace Firefox:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Reduce PDF Size.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Screenshot Captor.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\SEO Tipy.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Sweet Home 3D.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Total Commander 64 bit.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Wunderlist.lnk:com.dropbox.attrs [54]
BHO: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
BHO-x32: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{25C463FE-451F-4459-A5C5-5AC682E6F27F}] => (Allow) C:\ProgramData\Cupblue\Cupblue.exe => No File
FirewallRules: [{C2515308-4815-489D-827A-46DA8E6E8537}] => (Allow) C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe => No File
FirewallRules: [{9DE14A4C-CADC-43FD-8A86-3FB7AD55FAAB}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{A07B5737-CF28-4D12-A68C-6F365AD7ACFD}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{2C3F2F65-C5E9-41E8-A45B-22BD35D25E0F}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{EDD40949-0191-400C-88DC-7DD32FE78DE6}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{2E9C9389-8F00-4658-9C1F-A04A6978113A}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe => No File
FirewallRules: [{356ABACE-1402-4DDA-AC13-0066626BFF67}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{65B1D323-FFD2-4754-8AD7-8A0A31ABE758}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{17C6EC45-5F73-49FA-9EAC-033EC394ABCA}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{82677D6D-1AD7-449B-9249-42F4FF8F5E43}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File

Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

tak tady je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-11-2020
Ran by Iveta (09-11-2020 22:05:56) Run:2
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-920122311-1960361517-2308721413-1001\...\ChromeHTML: -> <==== ATTENTION
ShellExecuteHooks: No Name - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:008D5C95 [390]
AlternateDataStreams: C:\Users\Iveta\Desktop:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\7zFM.exe.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\desktop (New).ini:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\download.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\FreeTranslator.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HandBrake.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\home.mmw:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\HTTrack Website Copier.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView Thumbnails.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\IrfanView.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Iveta - Chrome.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Microsoft Teams.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Norton Installation Files.lnk:com.dropbox.attrs [13]
AlternateDataStreams: C:\Users\Iveta\Desktop\OmmWriter.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\pravitko.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\projekty_data.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\PSPad.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Přehled nabídek.xlsx.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Původní data aplikace Firefox:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Reduce PDF Size.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Screenshot Captor.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\SEO Tipy.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Sweet Home 3D.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Total Commander 64 bit.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Iveta\Desktop\Wunderlist.lnk:com.dropbox.attrs [54]
BHO: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
BHO-x32: No Name -> {593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{25C463FE-451F-4459-A5C5-5AC682E6F27F}] => (Allow) C:\ProgramData\Cupblue\Cupblue.exe => No File
FirewallRules: [{C2515308-4815-489D-827A-46DA8E6E8537}] => (Allow) C:\Program Files (x86)\Cupblue\Update\CupblueUpdate.exe => No File
FirewallRules: [{9DE14A4C-CADC-43FD-8A86-3FB7AD55FAAB}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{A07B5737-CF28-4D12-A68C-6F365AD7ACFD}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{2C3F2F65-C5E9-41E8-A45B-22BD35D25E0F}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{EDD40949-0191-400C-88DC-7DD32FE78DE6}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\KMSnano\qemu-system-i386.exe => No File
FirewallRules: [{2E9C9389-8F00-4658-9C1F-A04A6978113A}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe => No File
FirewallRules: [{356ABACE-1402-4DDA-AC13-0066626BFF67}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{65B1D323-FFD2-4754-8AD7-8A0A31ABE758}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{17C6EC45-5F73-49FA-9EAC-033EC394ABCA}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{82677D6D-1AD7-449B-9249-42F4FF8F5E43}] => (Allow) C:\Users\Iveta\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File

Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-920122311-1960361517-2308721413-1001_Classes\ChromeHTML => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F}" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
C:\ProgramData\TEMP => ":008D5C95" ADS removed successfully
C:\Users\Iveta\Desktop => ":com.dropbox.attrs" ADS could not remove.
C:\Users\Iveta\Desktop\7zFM.exe.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\desktop (New).ini => ":com.dropbox.attrs" ADS could not remove.
C:\Users\Iveta\Desktop\download.jpg => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\FreeTranslator.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\HandBrake.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\home.mmw => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\HTTrack Website Copier.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\IrfanView Thumbnails.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\IrfanView.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Iveta - Chrome.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Microsoft Teams.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Norton Installation Files.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\OmmWriter.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\pravitko.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\projekty_data.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\PSPad.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Přehled nabídek.xlsx.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Původní data aplikace Firefox => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Reduce PDF Size.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Screenshot Captor.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\SEO Tipy.docx => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Sweet Home 3D.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Total Commander 64 bit.lnk => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Iveta\Desktop\Wunderlist.lnk => ":com.dropbox.attrs" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DB3E3-B721-4AA2-BDFD-0085EB0119B8}' => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25C463FE-451F-4459-A5C5-5AC682E6F27F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2515308-4815-489D-827A-46DA8E6E8537}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DE14A4C-CADC-43FD-8A86-3FB7AD55FAAB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A07B5737-CF28-4D12-A68C-6F365AD7ACFD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C3F2F65-C5E9-41E8-A45B-22BD35D25E0F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDD40949-0191-400C-88DC-7DD32FE78DE6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E9C9389-8F00-4658-9C1F-A04A6978113A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{356ABACE-1402-4DDA-AC13-0066626BFF67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65B1D323-FFD2-4754-8AD7-8A0A31ABE758}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17C6EC45-5F73-49FA-9EAC-033EC394ABCA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82677D6D-1AD7-449B-9249-42F4FF8F5E43}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.


The system needed a reboot.

==== End of Fixlog 22:05:58 ====

Smazáno. Nastala nějaká změna?

ne, stále to zlobí a vše se mi vrací jak prohlížeč, tak okna v programech... bohužel

OK. Udělejte ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde. Problém ale může způsobovat i systémová chyba.

tak právě dokončeno, smazáno 58 položek, první co jsem chtěla udělat, napsat zprávu sem a opět se mi prohlížeč vyzpětoval z příspěvku až na prázdnou stránku. Teď to píšu napočtvrté

Ještě zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

toto mi píše 404 stránka nenalezena http://download.bleepingcomputer.com/smeenk/zoek.exe je odkaz správně?

Fíha, ještě včera to fungovalo. Nemohu vám to poslat jeko přílohu, soubor je příliš velký a jinde jsem ho nenašel. Zkuste tedy alespoň Junkware.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Iveta (Administrator) on 11.11.2020 at 19:59:34,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task (Task)
Successfully deleted: C:\Program Files (x86)\phifackdujk (Folder)



Registry: 7

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405 (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2DB1833C-0AC6-4F96-A1BC-3DD275AB7E37} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2020 at 20:05:55,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OK. Změnilo se něco?

bohužel ne

Už nezbude nic jiného, než obnova systému k datu, kdy korektně fungoval. S malware to nemá zřejmě nic společného.

Dobře, děkuji moc za pomoc a ochotu. Zkusím.

Rádo se stalo!