VIRY.CZ

Dobrý večer,

mám potíže s hrou WarThunder. Program nelze odstranit, prý se takto chová vir, to mě jen utvrzuje v tom, že jej chci pryč z počítače. Potíže s jeho odstraněním mají lidé po celém světě, jejich rady mi nepomohly. Zakázala jsem mu sice aktualizace, při spuštění PC se ale někdy spustí i program, načež se mi kvůli stahování dlouhých aktualizací zpomalí a zaseká počítač. Děkuji za jakoukoliv radu.

Log z FRST a Addition přiloženy.

Nikol

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Rudy píše:Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 20 13:53:38 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Nikol\AppData\Local\SweetLabs App Platform
Deleted: C:\ProgramData\Pokki
Deleted: C:\Users\Administrator.HORSIK\AppData\Local\Pokki
Deleted: C:\Users\All Users\Pokki
Deleted: C:\Users\Default\AppData\Local\Pokki
Deleted: C:\Users\Default User\AppData\Local\Pokki
Deleted: C:\Users\Public\Pokki
Deleted: C:\Program Files\Booking.com


***** [ Files ] *****

Deleted: C:\Users\Nikol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Deleted: C:\Users\Nikol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Deleted: C:\END
Deleted: C:\Users\Nikol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: SweetLabs App Platform


***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.akcniceny.cz
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\gosearch.me\?u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=hp&inst=1443333253]
Deleted: [Key] - HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted: [Key] - HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted: [Key] - HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\Directory\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\Drive\shell\pokki
Deleted: [Key] - HKCU\Software\Classes\lnkfile\shell\pokki
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\SweetLabs App Platform
Deleted: [Key] - HKCU\Software\SweetLabs App Platform
Deleted: [Key] - HKLM\SOFTWARE\Auslogics
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_d298ec1c4f6bd59b865864f8d2d7745685fc172c


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Slunečnice - slunecnice.cz
Startpage deleted: http://search.conduit.com/?ctid=ct31350 ... hSource=55
Startpage deleted: https://gosearch.me/?u=7919ba5bfc9d3e6f ... 1443333253
Startpage deleted: http://search.conduit.com/?ctid=ct31350 ... hSource=55
Startpage deleted: https://gosearch.me/?u=7919ba5bfc9d3e6f ... 1443333253


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [5705 B] - [2017/10/20 13:46:36]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

Rudy píše:Dejte nový log FRST.

Dobrý večer, přikládám v archivu log i addition.

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\Run: [] => [X]
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\MountPoints2: {74a520e0-77be-11e7-82ef-f0761c77aa94} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\MountPoints2: {cb372c8d-af5e-11e7-82f9-f0761c77aa94} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKLM-x32 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> {69A642A9-1343-4A60-98C1-A1C60595709C} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core1d257e882149e47
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
Task: {2D3EF084-DB1B-456D-92FB-5EE8589DF9DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3CE571FB-4266-4D3B-A348-09D5DF89230F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {51C9402B-8774-4050-A960-D9FBDCB69F08} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5FA955E6-9426-4EE3-ABDF-5CD822F49561} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {79F9A9D5-728C-4751-B194-A53492B64DFC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {82EA55AB-C28A-4816-A634-3050A9147CD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {93B8B180-FA5A-48B4-A9E5-02BB772D537D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA93B98-CD48-42B6-AB01-38D15605CCD4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A44FCF72-146D-4F24-9000-F73E04AC6F13} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B3E296CA-6794-4597-AC44-C63939A4366D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CCAB5E41-AF8E-417F-A21C-074724D4FDFC} - \WPD\SqmUpload_S-1-5-21-3211153150-2829371404-3218829257-1001 -> No File <==== ATTENTION
Task: {EAE21CC6-74BB-4F4E-B1CC-3044386FA6D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core.job => C:\Users\Nikol\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001UA.job => C:\Users\Nikol\AppData\Local\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\StartupApproved\Run: => "WarThunderLauncher"

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-10-2017
Ran by Nikol (22-10-2017 06:58:05) Run:1
Running from C:\Users\Nikol\Desktop
Loaded Profiles: Nikol (Available Profiles: Nikol & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\Run: [] => [X]
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\MountPoints2: {74a520e0-77be-11e7-82ef-f0761c77aa94} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\MountPoints2: {cb372c8d-af5e-11e7-82f9-f0761c77aa94} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKLM-x32 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://gosearch.me/?q={searchTerms}&u=7919ba5bfc9d3e6fba47d11c291f46d7&c=DP3221&src=srch&inst=1443333253
SearchScopes: HKU\S-1-5-21-3211153150-2829371404-3218829257-1001 -> {69A642A9-1343-4A60-98C1-A1C60595709C} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core1d257e882149e47
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
Task: {2D3EF084-DB1B-456D-92FB-5EE8589DF9DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3CE571FB-4266-4D3B-A348-09D5DF89230F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {51C9402B-8774-4050-A960-D9FBDCB69F08} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5FA955E6-9426-4EE3-ABDF-5CD822F49561} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {79F9A9D5-728C-4751-B194-A53492B64DFC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {82EA55AB-C28A-4816-A634-3050A9147CD1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {93B8B180-FA5A-48B4-A9E5-02BB772D537D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA93B98-CD48-42B6-AB01-38D15605CCD4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A44FCF72-146D-4F24-9000-F73E04AC6F13} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B3E296CA-6794-4597-AC44-C63939A4366D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CCAB5E41-AF8E-417F-A21C-074724D4FDFC} - \WPD\SqmUpload_S-1-5-21-3211153150-2829371404-3218829257-1001 -> No File <==== ATTENTION
Task: {EAE21CC6-74BB-4F4E-B1CC-3044386FA6D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core.job => C:\Users\Nikol\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001UA.job => C:\Users\Nikol\AppData\Local\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\...\StartupApproved\Run: => "WarThunderLauncher"

EmptyTemp:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74a520e0-77be-11e7-82ef-f0761c77aa94} => key removed successfully
HKLM\Software\Classes\CLSID\{74a520e0-77be-11e7-82ef-f0761c77aa94} => key not found.
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb372c8d-af5e-11e7-82f9-f0761c77aa94} => key removed successfully
HKLM\Software\Classes\CLSID\{cb372c8d-af5e-11e7-82f9-f0761c77aa94} => key not found.
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} => key not found.
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} => key removed successfully
HKLM\Software\Classes\CLSID\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} => key not found.
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69A642A9-1343-4A60-98C1-A1C60595709C} => key removed successfully
HKLM\Software\Classes\CLSID\{69A642A9-1343-4A60-98C1-A1C60595709C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core1d257e882149e47 => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D3EF084-DB1B-456D-92FB-5EE8589DF9DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D3EF084-DB1B-456D-92FB-5EE8589DF9DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CE571FB-4266-4D3B-A348-09D5DF89230F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CE571FB-4266-4D3B-A348-09D5DF89230F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51C9402B-8774-4050-A960-D9FBDCB69F08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51C9402B-8774-4050-A960-D9FBDCB69F08} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FA955E6-9426-4EE3-ABDF-5CD822F49561} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FA955E6-9426-4EE3-ABDF-5CD822F49561} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79F9A9D5-728C-4751-B194-A53492B64DFC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79F9A9D5-728C-4751-B194-A53492B64DFC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82EA55AB-C28A-4816-A634-3050A9147CD1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82EA55AB-C28A-4816-A634-3050A9147CD1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93B8B180-FA5A-48B4-A9E5-02BB772D537D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93B8B180-FA5A-48B4-A9E5-02BB772D537D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CA93B98-CD48-42B6-AB01-38D15605CCD4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CA93B98-CD48-42B6-AB01-38D15605CCD4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A44FCF72-146D-4F24-9000-F73E04AC6F13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A44FCF72-146D-4F24-9000-F73E04AC6F13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3E296CA-6794-4597-AC44-C63939A4366D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3E296CA-6794-4597-AC44-C63939A4366D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCAB5E41-AF8E-417F-A21C-074724D4FDFC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCAB5E41-AF8E-417F-A21C-074724D4FDFC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3211153150-2829371404-3218829257-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAE21CC6-74BB-4F4E-B1CC-3044386FA6D2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAE21CC6-74BB-4F4E-B1CC-3044386FA6D2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001Core.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3211153150-2829371404-3218829257-1001UA.job => moved successfully
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WarThunderLauncher => value removed successfully
HKU\S-1-5-21-3211153150-2829371404-3218829257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WarThunderLauncher => value not found.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82220703 B
Java, Flash, Steam htmlcache => 318723477 B
Windows/system/drivers => 50962 B
Edge => 31485327 B
Chrome => 901773294 B
Firefox => 6422130 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6948 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 39597336 B
Nikol => 48616061 B
Administrator.HORSIK => 24842198 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:59:16 ====

Smazáno. Nastala nějaká změna?

Rudy píše:Smazáno. Nastala nějaká změna?

Stále se mi spouští launcher co mám na ploše, tedy jen zástupce toho programu, a když napíšu do hledání "warthunder", v počítači se stále nachází složka taktéž se zástupcem (umístění: Tento počítač --> Acer (C:) --> Users --> Nikol --> AppData --> Roaming --> microsoft --> Windows --> Start Menu --> Programs --> WarThunder).

+ Když jdu do Tento počítač --> Acer (C:) tak je zde stále složka WarThunder, kde je i původní launcher, tedy ne zástupce. Celkově mi zabírá vše, co v té složce je 23,6 GB na disku!

Z WarThunder byla v logách pouze 1 položka a tu jsme odstranili. Pokud to tam drží Steam (mimochodem tolerovaný šmejd, který nemám rád, bohužel pařani na něm trvají), potom to asi bude problém z PC vyhodit. Podle návodu: https://translate.google.cz/translate?h ... rev=search by měl být odinstalátor přístupný z ovl. panelů>programy.

Rudy píše:Z WarThunder byla v logách pouze 1 položka a tu jsme odstranili. Pokud to tam drží Steam (mimochodem tolerovaný šmejd, který nemám rád, bohužel pařani na něm trvají), potom to asi bude problém z PC vyhodit. Podle návodu: https://translate.google.cz/translate?h ... rev=search by měl být odinstalátor přístupný z ovl. panelů>programy.

Přes Steam mám sice většinu her a WarThunder by teď opravdu měl být i jím podporován, nicméně já si jej do PC nainstalovala ještě dříve, než jej Steam zahrnoval, tam podle mě tedy ukotvený v tomto případě nebude. Odinstalovat popsanou cestou bohužel nejde, mezi programy v ovládacích panelech, ale ani třeba v CCleaneru vůbec není k nalezení.

Potom už zbývá jen smazat jeho složku a z registry vyházet ručně podle návodu: https://forum.viry.cz/viewtopic.php?f=46&t=2791 Jiná možnost není.

Rudy píše:Potom už zbývá jen smazat jeho složku a z registry vyházet ručně podle návodu: https://forum.viry.cz/viewtopic.php?f=46&t=2791 Jiná možnost není.

To jste mě moc nepotěšil. Poprosím kdyžtak někoho z okolí, kdo se v tom umí hrabat, na tohle už si netroufnu. Každopádně jsem se smířila tak jako tak s reinstalací systému, aspoň by se software vyčistil a prý by to pomohlo i k delší životnosti. Každopádně, moc vám děkuji za ochotu a pomoc!

S přáním příjemného startu do pracovního týdne

Nikol

Pokud to není jak odinstalovat, nic jiného nezbude. Ledaže by existoval nějaký odinstalátor (nevím, nejsem pařan), nebo byl odinstalační soubor někde v adresáři té hry.
Děkuji za přání, vám přeji totéž a nemáte zač!