Naruszenie prawa-Ukash

[Benio70]

Witam. Posiadam znany wam problem, otóż mam blokadę ukash na jednym z systemów(zainstalowałem sobie drugi), moje systemy to windows xp 32bit. Proszę o odpowiedź.

OTL.Txt

Extras.Txt

[picasso]

1. Uruchom OTL i w sekcji Własne opcje skanowania / skrypt wklej:

 

:OTL
O4 - HKLM..\Run: [TabbtnEx] C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3565\TabbtnEx.exe ()
 
:Files
C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3565
C:\Documents and Settings\Admin\Dane aplikacji\hellomoto
C:\Program Files\mozilla firefox\searchplugins\v9.xml
 
:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=-
"Start Page"="about:blank"
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
 
:Commands
[emptytemp]

 

Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach.

 

Klik w Wykonaj skrypt. System zostanie zrestartowany i otrzymasz log z wynikami usuwania.

 

2. Przejdź do Panelu sterowania i odinstaluj adware: TheBflix + uTorrentControl2 Toolbar + V9 HomeTool. Powtórz usuwanie w menedżerze dodatków Firefox.

 

3. Zastosuj AdwCleaner z opcji Delete. Na dysku C powstanie log.

 

4. Wygeneruj nowy log OTL z opcji Skanuj (już bez Extras). Dołącz logi z usuwania OTL i AdwCleaner.

 

 

 

.

[Benio70]

Logi:

 

Log z kasowanego wirusa:

 

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TabbtnEx deleted successfully.

C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3565\TabbtnEx.exe moved successfully.

========== FILES ==========

C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3565 folder moved successfully.

C:\Documents and Settings\Admin\Dane aplikacji\hellomoto folder moved successfully.

C:\Program Files\mozilla firefox\searchplugins\v9.xml moved successfully.

========== REGISTRY ==========

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Admin

- Temp folder emptied: 1484221786 bytes

- Temporary Internet Files folder emptied: 20080031 bytes

- Java cache emptied: 456689 bytes

- FireFox cache emptied: 56126124 bytes

- Flash cache emptied: 43259 bytes

 

User: All Users

 

User: Default User

- Temp folder emptied: 0 bytes

- Temporary Internet Files folder emptied: 33170 bytes

- Flash cache emptied: 56475 bytes

 

User: LocalService

- Temp folder emptied: 0 bytes

- Temporary Internet Files folder emptied: 35274 bytes

 

User: NetworkService

- Temp folder emptied: 0 bytes

- Temporary Internet Files folder emptied: 33237 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2148726 bytes

%systemroot%\System32 .tmp files removed: 2596 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 12160 bytes

Windows Temp folder emptied: 2497076 bytes

RecycleBin emptied: 15204963 bytes

 

Total Files Cleaned = 1 508,00 mb

 

 

OTL by OldTimer - Version 3.2.53.1 log created on 07062012_190951

 

Files\Folders moved on Reboot...

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

 

 

Log z adwcleaner:

 

# AdwCleaner v1.701 - Logfile created 07/06/2012 at 19:32:28

# Updated 02/07/2012 by Xplode

# Operating system : Microsoft Windows XP Dodatek Service Pack 3 (32 bits)

# User : Admin - ADMIN-3E7A6A705

# Running from : C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Program Files\Conduit

 

***** [Registry] *****

• Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253

  Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

  Key Deleted : HKCU\Software\Conduit

  Key Deleted : HKCU\Software\ConduitSearchScopes

  Key Deleted : HKCU\Software\Softonic

  Key Deleted : HKLM\SOFTWARE\Conduit

   

  ***** [Registre - GUID] *****

   

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{38EE5CEE-4B62-11D3-854F-00A0C9C898E7}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8D670533-270B-4549-B19B-414FB9C6EBDB}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}

  Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}

   

  ***** [internet Browsers] *****

   

  -\\ Internet Explorer v8.0.6001.18702

   

  [OK] Registry is clean.

   

  *************************

   

  AdwCleaner[R1].txt - [1411 octets] - [06/07/2012 19:31:16]

  AdwCleaner[s1].txt - [1366 octets] - [06/07/2012 19:32:28]

   

  ########## EOF - C:\AdwCleaner[s1].txt - [1494 octets] #######

   

   

  Skan z OTL po wszystkim:

   

  EDYCJA od picasso: log urwany. Usuwam, proszę dodać poprawny raport.

[picasso]

Co to za sieczka? Log z OTL urwany w połowie. Proszę zrobić nowy skan, poprawić post powyżej i wstawić OTL jako załączniki posta.

Edytowane 27 Sierpnia 2012 przez picasso
27.08.2012 - Temat zostaje zamknięty z powodu braku odpowiedzi. //picasso