čínský šmejd iqiyi - Sodajki

Zpráva

#16 Příspěvek od **vyosek** » 12 črc 2015 21:42

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4085587860-529455309-3535085027-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4085587860-529455309-3535085027-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll No File
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll No File
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin HKU\S-1-5-21-4085587860-529455309-3535085027-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File

S3 BEService; "C:\Program Files (x86)\Common Files\BattlEye\BEService.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

2015-07-12 22:20 - 2015-07-12 22:20 - 00013910 _____ C:\Users\Jiří\Desktop\FRST.txt
2015-07-12 22:17 - 2015-07-12 22:17 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2015-07-12 22:02 - 2015-07-12 21:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-07-12 21:50 - 2015-07-12 22:04 - 00006640 _____ C:\zoek-results.log
2015-07-12 21:50 - 2015-07-12 22:00 - 00000000 ____D C:\zoek_backup
2015-07-12 21:41 - 2015-07-12 22:04 - 00000220 _____ C:\ProgramData\lxeascan.log
2015-07-12 21:37 - 2015-07-12 21:39 - 00000000 ____D C:\AdwCleaner
2015-07-12 21:29 - 2015-07-12 21:29 - 00025917 _____ C:\ComboFix.txt
2015-07-12 21:24 - 2015-07-12 22:04 - 00006056 _____ C:\Windows\PFRO.log
2015-07-12 18:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-12 18:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-12 18:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-12 18:32 - 2015-07-12 21:29 - 00000000 ____D C:\Qoobox
2015-07-12 18:31 - 2015-07-12 21:23 - 00000000 ____D C:\Windows\erdnt
2015-07-12 18:09 - 2015-07-12 18:09 - 00003312 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-12 17:55 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-12 17:54 - 2015-07-12 18:00 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-07-12 17:45 - 2015-07-12 17:49 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱奇艺
2015-07-12 17:45 - 2015-07-12 17:45 - 00001014 _____ C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱奇艺万能播放器.lnk
2015-07-12 17:22 - 2015-07-12 17:22 - 00000000 ____D C:\Users\Jiří\AppData\Local\SysassistByHotWheel
2015-07-12 21:23 - 2009-07-14 04:34 - 72089600 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 18874368 _____ C:\Windows\system32\config\SYSTEM.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {825DFA72-60FA-4865-B1CF-54F168A6D9FC} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\Program Files (x86)\Rising\RAV\rsdelaylauncher.exe

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

FirewallRules: [{9C8363FE-D725-4E46-899A-67207506A40B}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{3D5BF444-1E79-4FCA-B9E0-2A06F2F0999F}] => (Allow) C:\Users\Jiří\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{2A832C8A-7097-492B-8E16-9B1E72282083}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{0EEA1D84-372E-4BC2-9468-79B8DB71EF52}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{3E368962-331B-4E40-A9AF-0C6730480809}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{63DBEEDA-BBD4-4859-8F23-D18B7AFC6EF8}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{35A84E9F-D418-4EB3-99F7-BF43E6826DD4}] => (Allow) C:\Users\Jiří\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{A1C5F807-D8D5-4CC6-8C0D-CF02263CB967}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe
FirewallRules: [{688AA9F9-BAB9-4FDC-B14E-02838F217160}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{A9CBF228-56ED-4625-B863-723B5D579E2B}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Sodajki · #17 Příspěvek od **Sodajki** » 13 črc 2015 15:17

Fix result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Jiří at 2015-07-13 15:58:06 Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4085587860-529455309-3535085027-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4085587860-529455309-3535085027-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll No File
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll No File
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin HKU\S-1-5-21-4085587860-529455309-3535085027-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File

S3 BEService; "C:\Program Files (x86)\Common Files\BattlEye\BEService.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

2015-07-12 22:20 - 2015-07-12 22:20 - 00013910 _____ C:\Users\Jiří\Desktop\FRST.txt
2015-07-12 22:17 - 2015-07-12 22:17 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2015-07-12 22:02 - 2015-07-12 21:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-07-12 21:50 - 2015-07-12 22:04 - 00006640 _____ C:\zoek-results.log
2015-07-12 21:50 - 2015-07-12 22:00 - 00000000 ____D C:\zoek_backup
2015-07-12 21:41 - 2015-07-12 22:04 - 00000220 _____ C:\ProgramData\lxeascan.log
2015-07-12 21:37 - 2015-07-12 21:39 - 00000000 ____D C:\AdwCleaner
2015-07-12 21:29 - 2015-07-12 21:29 - 00025917 _____ C:\ComboFix.txt
2015-07-12 21:24 - 2015-07-12 22:04 - 00006056 _____ C:\Windows\PFRO.log
2015-07-12 18:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-12 18:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-12 18:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-12 18:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-12 18:32 - 2015-07-12 21:29 - 00000000 ____D C:\Qoobox
2015-07-12 18:31 - 2015-07-12 21:23 - 00000000 ____D C:\Windows\erdnt
2015-07-12 18:09 - 2015-07-12 18:09 - 00003312 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-07-12 17:55 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-07-12 17:54 - 2015-07-12 18:00 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2015-07-12 17:45 - 2015-07-12 17:49 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???
2015-07-12 17:45 - 2015-07-12 17:45 - 00001014 _____ C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????????.lnk
2015-07-12 17:22 - 2015-07-12 17:22 - 00000000 ____D C:\Users\Jiří\AppData\Local\SysassistByHotWheel
2015-07-12 21:23 - 2009-07-14 04:34 - 72089600 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 18874368 _____ C:\Windows\system32\config\SYSTEM.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-07-12 21:23 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {825DFA72-60FA-4865-B1CF-54F168A6D9FC} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\Program Files (x86)\Rising\RAV\rsdelaylauncher.exe

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

FirewallRules: [{9C8363FE-D725-4E46-899A-67207506A40B}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{3D5BF444-1E79-4FCA-B9E0-2A06F2F0999F}] => (Allow) C:\Users\Jiří\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{2A832C8A-7097-492B-8E16-9B1E72282083}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{0EEA1D84-372E-4BC2-9468-79B8DB71EF52}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{3E368962-331B-4E40-A9AF-0C6730480809}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{63DBEEDA-BBD4-4859-8F23-D18B7AFC6EF8}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{35A84E9F-D418-4EB3-99F7-BF43E6826DD4}] => (Allow) C:\Users\Jiří\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{A1C5F807-D8D5-4CC6-8C0D-CF02263CB967}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe
FirewallRules: [{688AA9F9-BAB9-4FDC-B14E-02838F217160}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{A9CBF228-56ED-4625-B863-723B5D579E2B}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4085587860-529455309-3535085027-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-4085587860-529455309-3535085027-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0" => key removed successfully
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => key removed successfully
"HKLM\Software\MozillaPlugins\@iqiyi.com/npclient" => key removed successfully
"HKLM\Software\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@iqiyi.com/npclient" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully
"HKU\S-1-5-21-4085587860-529455309-3535085027-1000\Software\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully
C:\IQIYI Video\LStyle\npWebPlayer.dll not found.
BEService => Service removed successfully
catchme => Service removed successfully
lmimirr => Service removed successfully
VGPU => Service removed successfully
"C:\Users\Jiří\Desktop\FRST.txt" => File/Folder not found.
C:\Users\Jiří\Desktop\FRSTLauncher.exe => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\ProgramData\lxeascan.log => moved successfully.
C:\AdwCleaner => moved successfully.
C:\ComboFix.txt => moved successfully.
C:\Windows\PFRO.log => moved successfully.
C:\Windows\PEV.exe => moved successfully.
C:\Windows\MBR.exe => moved successfully.
C:\Windows\NIRCMD.exe => moved successfully.
C:\Windows\SWREG.exe => moved successfully.
C:\Windows\SWSC.exe => moved successfully.
C:\Windows\sed.exe => moved successfully.
C:\Windows\grep.exe => moved successfully.
C:\Windows\zip.exe => moved successfully.
C:\Qoobox => moved successfully.
C:\Windows\erdnt => moved successfully.
C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => moved successfully.
C:\Windows\SysWOW64\vpatch.dll => moved successfully.

"C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

Could not move "C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder => Scheduled to move on reboot.

"C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???" folder move:

Could not move "C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???" folder => Scheduled to move on reboot.

Could not move "C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????????.lnk" => Scheduled to move on reboot.
C:\Users\Jiří\AppData\Local\SysassistByHotWheel => moved successfully.
C:\Windows\system32\config\SOFTWARE.bak => moved successfully.
C:\Windows\system32\config\SYSTEM.bak => moved successfully.
C:\Windows\system32\config\DEFAULT.bak => moved successfully.
C:\Windows\system32\config\SECURITY.bak => moved successfully.
C:\Windows\system32\config\SAM.bak => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{825DFA72-60FA-4865-B1CF-54F168A6D9FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{825DFA72-60FA-4865-B1CF-54F168A6D9FC}" => key removed successfully
C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C8363FE-D725-4E46-899A-67207506A40B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D5BF444-1E79-4FCA-B9E0-2A06F2F0999F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A832C8A-7097-492B-8E16-9B1E72282083} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EEA1D84-372E-4BC2-9468-79B8DB71EF52} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E368962-331B-4E40-A9AF-0C6730480809} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63DBEEDA-BBD4-4859-8F23-D18B7AFC6EF8} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35A84E9F-D418-4EB3-99F7-BF43E6826DD4} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1C5F807-D8D5-4CC6-8C0D-CF02263CB967} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{688AA9F9-BAB9-4FDC-B14E-02838F217160} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9CBF228-56ED-4625-B863-723B5D579E2B} => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 619.1 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-13 16:11:02)<=

"C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Could not move
"C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???" => Could not move
"C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????????.lnk" => Could not move

==== End of Fixlog 16:11:02 ====

#18 Příspěvek od **vyosek** » 14 črc 2015 11:00

Jak se chova PC??

Sodajki · #19 Příspěvek od **Sodajki** » 14 črc 2015 15:37

Vypadá to že je vše v pořádku, velice děkuji za ochotu pomoct mi a rychlé odpovědi

.

#20 Příspěvek od **vyosek** » 15 črc 2015 05:06

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remove disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Sodajki · #21 Příspěvek od **Sodajki** » 17 črc 2015 18:34

Už jsem myslel že je vše v pořádku, tak jsem sem už nešel, až dnes když jsem při kliknutí pravým tlačítkem myši klikl na .srt soubor a v nabídce byli čínské znaky, šel jsem hned sem... Ale vaše poslední zpráva kterou jsem před tím už nečet mi to vyřešila, takže ještě jednou velice děkuji

.

#22 Příspěvek od **vyosek** » 17 črc 2015 19:39

Nemate zac, rad jsem pomohl

Zase nekdy

A na zaklade Pravidla o zamykani temat

VIRY.CZ

čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki

Re: čínský šmejd iqiyi - Sodajki