mozilla

[marvis]

proč mi s černalo pozadí na monitoru

[vyosek]

Noo, zkuste si jej nastavit, toto nejak si nevybavuji cim by mohlo byt, ale pokud by neslo nastavit, tak zabadame...

Problemy s mozilou zmizely?

[marvis]

Ano zmizely mooooc děkuji

[marvis]

šlo to změnit ale akorát se mi tam otevře okno s tímto PRAVDĚPODOBNĚ JSTE SE STAL OBĚTÍ SOFTWAROVÉ KRIMINALITY

[vyosek]

A jeje, takze to tam mame jeste nekde schovane, mrchu jednu...Samozrejme je to lez a je to podvod, jen aby z Vas vytahly penize...Pustime tam tedy poradny nastroj

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[marvis]

PÍŠE TO ŽE MÁM VYPNOUT AVAST NEŽ KLIKNU NA OK

[vyosek]

Kliknete na Avast, ta jeho oranzova koule, pravym tlacitkem mysi - Ovladani stitu Avast - Pozastavit do restartu pocitace - potvrdte vypnuti

[marvis]

ComboFix 13-02-23.01 - PEPIK 24.02.2013 9:57.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1258 [GMT 1:00]
Spuštěný z: c:\documents and settings\PEPIK\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PEPIK\WINDOWS
c:\windows\msmqinst.log
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-24 do 2013-02-24 )))))))))))))))))))))))))))))))
.
.
2013-02-24 08:47 . 2013-02-24 08:47 -------- dc----w- c:\documents and settings\All Users\Oblíbené položky
2013-02-24 08:00 . 2013-02-24 08:00 -------- dc----w- C:\_OTL
2013-02-23 15:23 . 2013-02-24 07:24 -------- d-----w- c:\program files\trend micro
2013-02-23 15:23 . 2013-02-23 15:23 -------- dc----w- C:\rsit
2013-02-20 16:38 . 2013-02-20 16:38 -------- d-----w- c:\windows\system32\wbem\Repository
2013-02-18 17:19 . 2013-02-19 15:44 -------- d-----w- c:\documents and settings\PEPIK\Data aplikací\Ybsi
2013-02-18 17:19 . 2013-02-19 15:38 -------- d-----w- c:\documents and settings\PEPIK\Data aplikací\Wioma
2013-02-16 09:36 . 2013-02-16 09:36 -------- d-----w- c:\documents and settings\PEPIK\Data aplikací\PlusOfficeFREE
2013-02-16 09:34 . 2013-02-16 09:40 -------- d-----w- c:\program files\PlusOffice FREE 2009
2013-02-16 08:39 . 2013-02-16 08:39 -------- d-----w- c:\program files\IBM
2013-02-16 08:39 . 2013-02-16 08:39 -------- dc----w- c:\documents and settings\All Users\Data aplikací\{ABCF2613-B074-49B8-8A4C-5EA193A250F6}
2013-02-16 08:05 . 2013-02-16 08:06 -------- d-----w- c:\documents and settings\PEPIK\Local Settings\Data aplikací\Kingsoft
2013-02-16 08:04 . 2013-02-16 08:04 -------- d-----w- c:\documents and settings\PEPIK\Data aplikací\Kingsoft
2013-02-16 08:04 . 2013-02-16 08:04 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Kingsoft
2013-02-16 08:03 . 2013-02-16 09:19 -------- d-----w- c:\program files\Kingsoft
2013-02-16 07:09 . 2013-02-16 07:14 -------- d-----w- c:\documents and settings\PEPIK\AbiSuite
2013-02-16 07:09 . 2013-02-16 07:13 -------- d-----w- c:\program files\AbiWord
2013-02-16 06:51 . 2013-02-16 06:51 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-02-16 06:51 . 2013-02-16 06:51 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-02-16 06:51 . 2013-02-16 06:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-02-16 06:51 . 2013-02-16 06:51 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-02-16 06:51 . 2013-02-16 06:51 -------- dc----w- c:\documents and settings\All Users\Microsoft
2013-02-16 06:29 . 2013-02-16 06:29 -------- d-----w- c:\documents and settings\PEPIK\Data aplikací\LibreOffice
2013-02-16 06:27 . 2013-02-16 06:28 -------- d-----w- c:\program files\LibreOffice 4.0
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-02-15 15:46 . 2013-02-16 06:49 -------- d-----w- c:\program files\Speeditup Free
2013-02-15 14:39 . 2010-02-28 00:13 49024 -c--a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
2013-02-15 14:39 . 2011-10-04 09:32 765312 -c--a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
2013-02-15 14:39 . 2010-12-27 22:49 1366888 -c--a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL
2013-02-15 14:39 . 2012-09-20 12:22 3429584 -c--a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2013-02-15 14:39 . 2010-10-28 14:33 1100152 -c--a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe
2013-02-15 14:39 . 2010-01-09 19:37 127232 -c--a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2013-02-14 17:01 . 2013-02-14 17:03 -------- dc----w- c:\documents and settings\All Users\Data aplikací\SmartKid
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 15:50 . 2012-04-07 05:41 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-08 15:50 . 2011-06-04 08:33 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2002-09-20 18:04 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2002-09-20 17:12 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 07:26 . 2002-09-20 17:12 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 10:10 . 2002-09-20 17:41 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2009-04-06 15:13 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2005-08-30 07:26 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2006-06-23 11:27 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2002-09-20 18:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2002-09-20 18:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2001-10-25 14:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2006-05-21 11:40 . 2006-05-21 11:40 266240 -c--a-w- c:\program files\samp.dll
2006-05-21 02:16 . 2006-05-21 02:16 370176 -c--a-w- c:\program files\samp.exe
2006-04-05 13:55 . 2006-04-05 13:55 147456 -c--a-w- c:\program files\samp_debug.exe
2006-03-24 17:04 . 2006-03-24 17:04 49152 -c--a-w- c:\program files\rcon.exe
2013-02-16 00:34 . 2013-02-20 16:58 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"GamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 380928]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2008-09-17 13574144]
"nwiz"="nwiz.exe" [2008-09-17 1657376]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2008-09-17 86016]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2008-02-21 453936]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"PCLEPCI"="c:\progra~1\PINNAC~1\PPE\PPE.EXE" [2003-09-23 32768]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\concept design\\onlineTV 5\\onlineTV.exe"=
"c:\documents and settings\PEPIK\Data aplikací\Facebook\facebook.exe"= c:\documents and settings\PEPIK\Data aplikací\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Documents and Settings\\PEPIK\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\IBM\\Lotus\\Symphony\\framework\\rcp\\eclipse\\plugins\\com.ibm.rcp.jcl.desktop.win32.x86_6.2.0.200805061024\\jre\\bin\\expeditorw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57306:TCP"= 57306:TCP:Pando Media Booster
"57306:UDP"= 57306:UDP:Pando Media Booster
"58062:TCP"= 58062:TCP:Pando Media Booster
"58062:UDP"= 58062:UDP:Pando Media Booster
"59098:TCP"= 59098:TCP:Pando Media Booster
"59098:UDP"= 59098:UDP:Pando Media Booster
"58090:TCP"= 58090:TCP:Pando Media Booster
"58090:UDP"= 58090:UDP:Pando Media Booster
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19.2.2012 15:41 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.2.2012 15:41 361032]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 17:07 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.2.2012 15:41 21256]
R2 ezGOSvc;Easybits GO Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [25.10.2001 15:00 14336]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [22.3.2011 6:34 583640]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9.11.2012 12:21 160944]
S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [6.4.2009 16:21 945920]
S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [3.9.2010 15:58 1668352]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [24.12.2011 11:40 583552]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezGOSvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\documents and settings\PEPIK\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 10.10.100.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Bombarďáci - c:\documents and settings\PEPIK\Plocha\uninstall.exe
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
AddRemove-{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A} - c:\program files\McAfee\SiteAdvisor\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-24 10:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2108)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\system32\msi.dll
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WgaTray.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\nvsvc32.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2013-02-24 10:12:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-24 09:12
.
Před spuštěním: 65195814912
Po spuštění: 65047396352
.
- - End Of File - - 83B42DDA306EC77A859F41D914271B39

[vyosek]

Jde Vam to skvele

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :reg
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
  "57306:TCP"=-
  "57306:UDP"=-
  "58062:TCP"=-
  "58062:UDP"=-
  "59098:TCP"=-
  "59098:UDP"=-
  "58090:TCP"=-
  "58090:UDP"=-
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  "c:\documents and settings\PEPIK\Data aplikací\Facebook\facebook.exe"=-
  
  :files
  c:\documents and settings\PEPIK\Data aplikací\Ybsi
  c:\documents and settings\PEPIK\Data aplikací\Wioma
  c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\McA*.lnk
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Napiste ci hlaska o kriminalite stale vyskakuje

[marvis]

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
========== FILES ==========
c:\documents and settings\PEPIK\Data aplikací\Ybsi folder moved successfully.
c:\documents and settings\PEPIK\Data aplikací\Wioma folder moved successfully.
c:\documents and settings\LocalService\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: PEPIK
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6965551 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 574 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: PEPIK
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: PEPIK
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02242013_102359

Files\Folders moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[marvis]

Naskakuje tam tohle Pravděbodobně jste se stal obětí softwarové kriminality tato kopie Windows nesplnuje podmínky ověření pravosti

[vyosek]

Aha, tak to neni primo ten vir co jsem mel na mysli, tohle je overeni pravosti (legalnosti) systemu windows - Pokud mate windows zakoupeny, tak jak to ma byt, tak kontaktujte podporu microsoftu, tam Vam poradi co dale...pokud nejsou legalni, tak s tim neudelame nic, nezbyde nez si licenci koupit...

[marvis]

aha a to se nedá nějak vypnout? dřív to tam nebylo a kolik to stojí myslím ten windows XP tedy jestli můžete poradir

[vyosek]

Vypnutim byste porusil zakon (autorska prava, licencni podminky - jelikoz ty jasne hovori, ze licenci musite mit zakoupenou - windows nejsou zdarma)...Nevim jestli v dnesni dobe jde licenci na XP koupit - je to hodne stary system jiz...
Info napr. zde http://www.zlegalizuj.cz/poradna-pro-wi ... ndows.html

Spise bych ale zauvazoval nad koupit noveho windows8 jehoz cena je temer stejna...

[marvis]

To máte pravdu, jenže kdo to nainstaluje to otázka, vůbec bych nevěděl jak to udělat.