VIRY.CZ

Ještě než se do toho dám malá otázka nastavení OTL mám nechat základní ?

Ano, s nastavenim OTL neni treba nic delat. To nastaveni ma vliv na skenovani, nikoli na opravy

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Internet Explorer\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72DC1050-D691-42CC-9A42-FF0EC097214A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Prefs.js: "iSearch" removed from browser.search.defaultenginename
Prefs.js: "iSearch" removed from browser.search.order.1
Prefs.js: "iSearch" removed from browser.search.selectedEngine
Prefs.js: "http://isearch.babylon.com/?affID=11393 ... b70dd9d821" removed from browser.startup.homepage
Prefs.js: plugin@yontoo.com:1.20.00 removed from extensions.enabledAddons
Prefs.js: "http://isearch.babylon.com/?affID=11393 ... dd9d821&q=" removed from keyword.URL
File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon. not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Vojtěch\AppData\Local\{C3F20ABA-C353-44A2-A14E-2CA9F504A62B} folder moved successfully.
C:\Users\Vojtěch\AppData\Local\{A5F817EF-5482-40B4-91C4-2D0ECAA01BBC} folder moved successfully.
C:\Users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat moved successfully.
C:\Users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat moved successfully.
C:\Users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat moved successfully.
C:\Users\Vojtěch\AppData\Roaming\WVB6PVbat.bat moved successfully.
C:\Users\Vojtěch\AppData\Roaming\invis.vbs moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP119C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP84E7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP379.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP428B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB5E6.tmp\System.Data.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB5E6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCA0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI7830.tmp deleted successfully.
C:\Windows\Installer\MSI866B.tmp deleted successfully.
C:\Users\Vojtěch\AppData\Roaming\Adobe64\bat.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Adobe64\winucs.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Adobex86\bat.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Free Media Pack\FreeMediaPack.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blaiz Enterprises\Image Tools\Text Effects.EXE moved successfully.
C:\Users\Vojtěch\AppData\Roaming\OpenCandy\95DC8376729C441A82048200B372F629\pcspeedup_oc.exe moved successfully.
C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata moved successfully.
C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe moved successfully.
C:\Windows\Tasks\HPCeeScheduleForHP-PAVILION95$.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForVojtìch.job moved successfully.
ADS \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc deleted successfully.
ADS \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\APEX_Loader_x86.dll:crc deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Media Finder not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeUpdate not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\PDF Complete deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Vojtech

User: Vojtěch
->Temp folder emptied: 73445 bytes
->Temporary Internet Files folder emptied: 44861074 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 140406088 bytes
->Google Chrome cache emptied: 372296387 bytes
->Flash cache emptied: 17447 bytes

User: VojtŘch
->Temp folder emptied: 0 bytes

User: Vojt죨
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41167 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50574 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 532.00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Vojtech

User: Vojtěch
->Flash cache emptied: 0 bytes

User: VojtŘch

User: Vojt죨

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Vojtech

User: Vojtěch
->Java cache emptied: 0 bytes

User: VojtŘch

User: Vojt죨

Total Java Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 04062013_131405

Files\Folders moved on Reboot...
C:\Users\Vojtěch\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL nam udelalo co melo, jak se chova PC

Počítač se chová normálně procesor se drží v klidu na 4 - 5 %

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Ok du na to možná ještě pak budu mít pár otázek po dokončení procesu.

No hned u odinstalování combofixu mám problém mám to přejmenovat na Uninstall nebo Combofix Uninstall jen při uninstall pracoval normálně, ale měl jsem zapnutý antivir takže přerušil proces, nešlo by to odinstalovat přes přidat a odebrat programy ?

CF prejmenujte na Uninstall, tim se spusti jeho samoodinstalace. Pres Pridat/Odebrat programy to nelze...

při průběhu nabízí combofix novější verzi souhlasit či nesouhlasit ?

Program napsal že byl úspěšně odinstalován i když soubor zůstal na ploše doufám že jsem to odinstaloval správně ?

Aaano, pokracujte dalsimi kroky, oni jej pripadne docisti

Po použití utilitu smažte - ? nevím co to znamená jak ten program TFC co jsem použil mám pak smazat ?
a zálohu registru jak udělám ?

TFC normalne smazete

Zalohu registru Vam nabidne CCleaner, normalni ji jen ulozite

Myslím že jsem vše udělal na ploše mě zůstala ikonka bombofixu RIST a složka rkill můžu to nyní smazat ?

VIRY.CZ

Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32