Oto one :
Dodano Dzisiaj, 18:42:
Niema nikt zadnych pomyslow ???
Aktualizacje na programosy.pl:
TubeDigger • Eusing Free Registry Cleaner • Syncovery • Free YouTube to MP3 Converter • Argente Utilities • Chromium • Kaspersky Rescue Disk • Vim • reaConverter Lite
-
- Ogłoszenie:
Ukash zablokowany komputer
2 posty(ów) • Strona 1 z 1
Ukash zablokowany komputer
przez misiek161 09 Sie 2012, 16:46
Oto one :
Dodano Dzisiaj, 18:42:
Niema nikt zadnych pomyslow ???
- Załączniki
-
OTL.Txt- (234.17 KiB) Ściągnięto 39 razy
-
- Extras.Txt
- (87.75 KiB) Ściągnięto 32 razy
Ukash zablokowany komputer
przez defacto19 10 Sie 2012, 11:29
Odinstaluj:
Zastosuj Adwcleaner -> http://general-changelog-team.fr/en/tools/15-adwcleaner z opcji Delete.
Pokaż raport z niego C:\AdwCleaner[S1].txt
Uruchom OTL i w sekcji (Własne opcje skanowania/Skrypt) wklej:
Kliknij Wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, i kliknij skanuj.
Pokaż nowy log OTL.txt oraz raporty z usuwania.
SearchYa Toolbar on IE and Chrome
free-downloads.net Toolbar
DAEMON Tools Toolbar
Funmoods Web Search
Contribute Toolbar
Facemoods Toolbar
Reganam Toolbar
Winamp Toolbar
Skype Toolbars
Zastosuj Adwcleaner -> http://general-changelog-team.fr/en/tools/15-adwcleaner z opcji Delete.
Pokaż raport z niego C:\AdwCleaner[S1].txt
Uruchom OTL i w sekcji (Własne opcje skanowania/Skrypt) wklej:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchya.com/?chnl=dcom-100&s=1&cr=914423506&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtC&q=
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\tbRega.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files (x86)\Reganam\tbRega.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&babsrc=SP_ss_cr&mntrId=9e77e693000000000000002185948066
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyEyDzz0AtCzy0EyCzytAtN0D0Tzu0StBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1543338681
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\..\SearchScopes\94A2AE90-7B04-4CE9-92A8-E74303397600: "URL" = http://searchya.com/?chnl=dcom-100&s=1&cr=914423506&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtC&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll (215 Apps)
O2 - BHO: (ShoppingReport2) - {258C9770-1713-4021-8D7E-1F184A2BD754} - C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37\ShoppingReport.dll (SmartShopper Networks)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4 - HKLM..\Run: [HDD Regenerator] "C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe" File not found
O4 - HKCU..\Run: [BitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /tray File not found
O4 - HKCU..\Run: [RGSC] D:\Gry\GTA\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [sqlncli] C:\Users\operator\AppData\Local\Microsoft\Windows\2675\sqlncli.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\operator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Media Player.lnk = C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe ()
O4 - Startup: C:\Users\operator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Matrix_ Path of Neo Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm ()
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O33 - MountPoints2\{49412f5e-d270-11e1-baea-c58e886601e1}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\WoauRud.exE
O33 - MountPoints2\{a14f471e-50f6-11df-8f66-002185948066}\Shell\AutoRun\command - "" = L:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{a14f471e-50f6-11df-8f66-002185948066}\Shell\open\command - "" = L:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{a14f4722-50f6-11df-8f66-002185948066}\Shell\AutoRun\command - "" = M:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{a14f4722-50f6-11df-8f66-002185948066}\Shell\open\command - "" = M:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{c0ab0b1b-789f-11df-945d-002185948066}\Shell\AutoRun\command - "" = L:\EXPLORER.EXE
O33 - MountPoints2\{c0ab0b1b-789f-11df-945d-002185948066}\Shell\explore\Command - "" = L:\EXPLORER.EXE
O33 - MountPoints2\{c0ab0b1b-789f-11df-945d-002185948066}\Shell\open\Command - "" = L:\EXPLORER.EXE
O33 - MountPoints2\{cae5e740-0468-11e1-bfce-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cae5e740-0468-11e1-bfce-806e6f6e6963}\Shell\AutoRun\command - "" = K:\Autorun.exe
O33 - MountPoints2\{cae5e741-0468-11e1-bfce-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cae5e741-0468-11e1-bfce-806e6f6e6963}\Shell\AutoRun\command - "" = M:\Autorun.exe
O33 - MountPoints2\{d9a95639-322e-11e0-86a0-002185948066}\Shell\AutoRun\command - "" = L:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{d9a95639-322e-11e0-86a0-002185948066}\Shell\open\command - "" = L:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{ffedfb20-42ff-11df-8dee-002185948066}\Shell - "" = AutoRun
O33 - MountPoints2\{ffedfb20-42ff-11df-8dee-002185948066}\Shell\AutoRun\command - "" = K:\autorun.exe
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:B755D674
:Files
C:\Users\operator\AppData\Local\Microsoft\Windows\2675
C:\Users\operator\AppData\Roaming\hellomoto
C:\Users\operator\AppData\Local\Temp*.html
C:\Windows\bthservsdp.dat
:Commands
[emptytemp]
Kliknij Wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, i kliknij skanuj.
Pokaż nowy log OTL.txt oraz raporty z usuwania.
- defacto19
- ~user
- Posty: 205
- Dołączenie: 23 Cze 2012, 11:51
- Pochwały: 42
2 posty(ów) • Strona 1 z 1
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 12 gości