
Please help, and write out step by step everything that needs to be done.
Thank you in advance for your help.
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (zlportio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Użytkownik\Pulpit\Portable MediaCoder\Portable MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\UYTKOW~1\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ALSysIO)
IE - HKU\S-1-5-21-1123561945-1547161642-725345543-1002\..\SearchScopes\{A7C7ABE8-ECD5-4ED6-B736-7738B312F169}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1547161642-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1123561945-1547161642-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&ilc=12&p="
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [yeyprzzuipnvuwk] C:\Documents and Settings\All Users\Dane aplikacji\yeyprzzu.exe ()
O4 - HKU\S-1-5-21-1123561945-1547161642-725345543-1002..\Run: [yeyprzzuipnvuwk] C:\Documents and Settings\All Users\Dane aplikacji\yeyprzzu.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O33 - MountPoints2\{3becff12-97a1-11e0-a2bf-0025223e00e3}\Shell\AutoRun\command - "" = I:\w9.exe
O33 - MountPoints2\{3becff12-97a1-11e0-a2bf-0025223e00e3}\Shell\open\Command - "" = I:\w9.exe
O33 - MountPoints2\{5b6d29ee-fade-11df-a147-0025223e00e3}\Shell\AutoRun\command - "" = F:\w9.exe
O33 - MountPoints2\{5b6d29ee-fade-11df-a147-0025223e00e3}\Shell\open\Command - "" = F:\w9.exe
O33 - MountPoints2\{5d59bece-3130-11e0-a1cb-0025223e00e3}\Shell\AutoRun\command - "" = H:\w9.exe
O33 - MountPoints2\{5d59bece-3130-11e0-a1cb-0025223e00e3}\Shell\open\Command - "" = H:\w9.exe
O33 - MountPoints2\{5d59becf-3130-11e0-a1cb-0025223e00e3}\Shell\AutoRun\command - "" = H:\w9.exe
O33 - MountPoints2\{5d59becf-3130-11e0-a1cb-0025223e00e3}\Shell\open\Command - "" = H:\w9.exe
O33 - MountPoints2\{6886a356-f004-11df-a12a-0025223e00e3}\Shell\AutoRun\command - "" = H:\w9.exe
O33 - MountPoints2\{6886a356-f004-11df-a12a-0025223e00e3}\Shell\open\Command - "" = H:\w9.exe
O33 - MountPoints2\{ec770149-ed83-11df-a124-0025223e00e3}\Shell\AutoRun\command - "" = F:\w9.exe
O33 - MountPoints2\{ec770149-ed83-11df-a124-0025223e00e3}\Shell\open\Command - "" = F:\
@Alternate Data Stream - 1271 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:G0F1j2X3caCZvfLR1Jan
@Alternate Data Stream - 1209 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:Z5DDtJVaCqvq0CNB4df9Ck7
@Alternate Data Stream - 1101 bytes -> C:\Documents and Settings\Użytkownik\Cookies:zmL0Wpk56WMVgtSeFLZgb
@Alternate Data Stream - 1074 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:sze0mXiRopNcelxlkJWXjRQe9
:Files
C:\32788R22FWJFW
C:\Documents and Settings\All Users\Dane aplikacji\ajooovjdabpvatr
C:\Documents and Settings\All Users\Dane aplikacji\yeyprzzu.exe
C:\Documents and Settings\All Users\Dane aplikacji\trsxzqlyikgubsj
C:\Documents and Settings\Użytkownik\Ustawienia lokalne\Dane aplikacji\Geckofx
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1547161642-725345543-1002.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1547161642-725345543-1002.job
C:\Documents and Settings\Użytkownik\Dane aplikacji\facemoods.com
C:\Documents and Settings\Użytkownik\*.tmp
:Commands
[emptytemp]