Wirus ukash - pomocy!

[kleber]

Witam, mam problem jak w temacie zostałem nie mile przywitany dzisiaj okienkiem które pewnie już znacie ;p Pomożecie?!

OTL:http://wklej.org/id/872827/
Extres:http://wklej.org/id/872829/

[defacto19]

Uruchom OTL i w sekcji Własne opcje skanowania/Skrypt wklej:

:OTL
IE - HKLM\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZXxdm022YYpl&ptb=F8D1F2AD-1D7C-4C0E-B4BC-F7070103614B&ind=2012010406&ptnrS=ZXxdm022YYpl&si=CL_uz4iHtq0CFS9ItAodn0_n8A&n=77ecd7a6&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-839522115-1035525444-682003330-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&babsrc=SP_ss&mntrId=745d099e000000000000001a4d9d3c56
IE - HKU\S-1-5-21-839522115-1035525444-682003330-1003\..\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZXxdm022YYpl&ptb=F8D1F2AD-1D7C-4C0E-B4BC-F7070103614B&ind=2012010406&ptnrS=ZXxdm022YYpl&si=CL_uz4iHtq0CFS9ItAodn0_n8A&n=77ecd7a6&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-839522115-1035525444-682003330-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D1637286-0F16-4D41-AD75-F23EBB0D8FFA}&mid=036cbd8336924c93bdca620bc9c3f914-3dafd294c93ce465282fc5bb63608ae46c8a76e9&lang=pl&ds=ax011&pr=&d=2012-09-12 10:04:16&v=12.2.5.34&sap=dsp&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZXxdm022YYpl&ptnrS=ZXxdm022YYpl&si=CL_uz4iHtq0CFS9ItAodn0_n8A&ptb=F8D1F2AD-1D7C-4C0E-B4BC-F7070103614B&ind=2012010406&n=77ecd7a6&psa=&st=kwd&searchfor="
[2012-09-11 22:11:57 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (Toolbar BHO) - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (RadioRage) - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-839522115-1035525444-682003330-1003\..\Toolbar\WebBrowser: (RadioRage) - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - C:\Program Files\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)
O3 - HKU\S-1-5-21-839522115-1035525444-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [RadioRage_4j Browser Plugin Loader] C:\Program Files\RadioRage_4j\bar\1.bin\4jbrmon.exe (VER_COMPANY_NAME)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O8 - Extra context menu item: &Search - http://tbedits.radiorage.com/one-toolbaredits/menusearch.jhtml?s=100000486&p=ZXxdm022YYpl&si=CL_uz4iHtq0CFS9ItAodn0_n8A&a=F8D1F2AD-1D7C-4C0E-B4BC-F7070103614B&n=2012010406&cv=1 File not found
[2012-11-14 19:36:19 | 000,001,056 | ---- | C] () -- C:\Documents and Settings\Czesiek\Menu Start\Programy\Autostart\ctfmon.lnk
[2012-11-14 19:36:11 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe
[2012-11-14 19:36:12 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2011-11-29 22:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Czesiek\Dane aplikacji\Babylon
[2011-11-29 22:53:28 | 000,460,624 | ---- | C] () -- C:\Documents and Settings\Czesiek\Ustawienia lokalne\Dane aplikacji\promo.exe

:Files
C:\Documents and Settings\Czesiek\Dane aplikacji\Mozilla\Firefox\Profiles\4cbm7y69.default\extensions\toolbar@ask.com
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Program Files\Ask.com\Updater\Updater.exe

:Commands
[emptytemp]

Kliknij wykonaj skrypt. Zatwierdź restart komputera.

Uruchom AdwCleaner z opcji Delete.

Następnie Uruchom OTL ponownie i kliknij Skanuj. Przedstaw nowy log OTL.Txt oraz raport z Adwcleaner.