Zablokowanie systemu przez UKASH

[StunterSTC]

Witam mam ten sam problem https://www.fixitpc.pl/topic/9332-ukash-blokada-komputera-szybka-pomoc/, dodaje załączniki ze skanu i co dalej począć?

Z góry dziękuję za pomoc.

OTL.Txt

Extras.Txt

[Landuss]

1. Wejdź w panel usuwania programów i odinstaluj śmieci: Ask Toolbar / Ask Toolbar Updater / Babylon toolbar on IE / toolplugin

 

2. Uruchom AdwCleaner z opcji Delete

 

3. Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej następujący tekst:

 

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //www.bigseekpro.com/hypercam/{6F0402B0-A2AE-47A5-A111-D70DED1AB1DF}
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http: //search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm047YYPL&ptb=cyld0J1GZzUftW2kCi3bFg&ind=2011043017&ptnrS=GRxdm047YYPL&si=&n=77de14c9&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http: //search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes,DefaultScope = {AC54F9CC-29DE-4448-8F36-61E3318D8DC4}
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http: //findgala.com/?&uid=5687&q={searchTerms}
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http: //websearch.ask.com/redirect?client=ie&tb=ORJ&o=13757&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=W3&apn_dtid=OSJ000&apn_uid=9304FB92-15D8-4072-B7D8-F7C194B99BAD&apn_sauid=ED587B7F-51A4-49E8-8A55-867D7AACCE86
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http: //search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm047YYPL&ptb=cyld0J1GZzUftW2kCi3bFg&ind=2011043017&ptnrS=GRxdm047YYPL&si=&n=77de14c9&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{89F4BF6C-5D9F-4B56-9918-37428B052231}: "URL" = http: //rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http: //www.bigseekpro.com/search/browser/hypercam/{6F0402B0-A2AE-47A5-A111-D70DED1AB1DF}?q={searchTerms}
IE - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http: //search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
[2012-06-09 16:45:03 | 000,000,000 | ---D | M] (IMVU Inc Community Toolbar) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2012-06-08 18:43:13 | 000,000,000 | ---D | M] (Babylon-EnglishBB Community Toolbar) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
[2011-03-26 02:10:48 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\engine@conduit.com
[2012-01-01 23:41:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\ffxtlbr@babylon.com
[2010-08-16 03:46:54 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\ffxtlbr@Facemoods.com
[2011-10-13 21:54:21 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\m3ffxtbr@mywebsearch.com
[2012-04-25 10:13:05 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\toolbar@ask.com
[2011-10-31 02:24:44 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\kylo\AppData\Roaming\mozilla\Firefox\Profiles\pmj7lnmf.default\extensions\welcome@toolmin.com
[2010-11-20 01:21:29 | 000,002,394 | ---- | M] () -- C:\Users\kylo\AppData\Roaming\Mozilla\Firefox\Profiles\pmj7lnmf.default\searchplugins\askcom.xml
[2011-08-29 17:47:04 | 000,000,919 | ---- | M] () -- C:\Users\kylo\AppData\Roaming\Mozilla\Firefox\Profiles\pmj7lnmf.default\searchplugins\conduit.xml
[2011-05-01 12:18:32 | 000,000,000 | ---- | M] () -- C:\Users\kylo\AppData\Roaming\Mozilla\Firefox\Profiles\pmj7lnmf.default\searchplugins\mywebsearch.xml
[2012-01-10 09:41:03 | 000,001,210 | ---- | M] () -- C:\Users\kylo\AppData\Roaming\Mozilla\Firefox\Profiles\pmj7lnmf.default\searchplugins\search.xml
[2012-01-01 23:40:43 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011-10-31 02:24:44 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
O3 - HKLM\..\Toolbar: (no name) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\kylo\AppData\Roaming\toolplugin\toolbar.dll File not found
O3 - HKU\S-1-5-21-3768086176-527317304-1811456409-1001\..\Toolbar\WebBrowser: (no name) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - No CLSID value found.
O4 - HKU\S-1-5-21-3768086176-527317304-1811456409-1001..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-3768086176-527317304-1811456409-1001..\Run: [termmgr] C:\Users\kylo\AppData\Local\Microsoft\Windows\2358\termmgr.exe ()
O4 - HKU\S-1-5-21-3768086176-527317304-1811456409-1001..\Run: [Wisdom-soft ScreenHunter 5.1 Pro] 0 File not found
 
:Files
C:\Users\kylo\AppData\Local\Temp*.html
C:\Users\kylo\AppData\Roaming\hellomoto
C:\Users\kylo\AppData\Local\Microsoft\Windows\2358
 
:Commands
[emptytemp]

 

Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach.

 

Kliknij w Wykonaj skrypt. Zatwierdź restart komputera.

 

4. Uruchamiasz OTL ponownie, tym razem wywołujesz opcję Skanuj. Pokazujesz nowe logi z OTL

[StunterSTC]

Wykonane: drugie logi.

 

Słucham dalszych wskazówek.

OTL.Txt

[Landuss]

Przejdź do czynności końcowych:

 

1. Użyj opcji Sprzątanie z OTL.

 

2. Opróżnij folder przywracania systemu: KLIK

 

3. Zaktualizuj IE oraz Jave 32bit do najnowszej wersji: KLIK

 

4. Dla bezpieczeństwa zmień hasła logowania do serwisów w sieci.