"Twój komputer został zablokowany"- UKASH- PROSZĘ O POMOC

Kod:

:Processes

killallprocesses



:OTL

FF - prefs.js..browser.search.defaultengine: "Web Search"

FF - prefs.js..browser.search.defaultenginename: "WebSearch"

FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"

FF - prefs.js..browser.search.defaultthis.engineName: "BitTorrentBar Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://websearch.mocaflix.com/?l=1&q="

FF - prefs.js..browser.search.order.1: "WebSearch"

FF - prefs.js..browser.search.order.1,S: S", "WebSearch"

FF - prefs.js..extensions.enabledItems: [email protected]:1.1.4.0024

FF - prefs.js..keyword.URL: "http://websearch.mocaflix.com/?l=1&q="

[2002-01-09 20:07:28 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Mozilla\Firefox\Profiles\66bygi26.default\searchplugins\daemon-search.xml

[2012-11-11 17:52:23 | 000,002,353 | ---- | M] () -- C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Mozilla\Firefox\Profiles\66bygi26.default\searchplugins\Funmoods.xml

[2012-06-03 19:35:54 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Mozilla\Firefox\Profiles\66bygi26.default\searchplugins\startsear.xml

[2012-11-13 21:38:13 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Mozilla\Firefox\Profiles\66bygi26.default\searchplugins\WebSearch.xml

O4 - HKU\S-1-5-21-1417001333-1965331169-682003330-1003..\Run: [MSIDLL] C:\WINDOWS1\System32\msiixh32.dll ()



:Files

C:\WINDOWS1\system32\msdmo.dll

C:\WINDOWS1\system32\drivers\jqxqiadz.sys

C:\WINDOWS1\System32\mgking*.dll

C:\Documents and Settings\lolek\Dane aplikacji\Toolbar4

C:\WINDOWS1\system32\28463

C:\WINDOWS1\system32\mgking.exe

C:\WINDOWS1\svchost.exe

C:\Documents and Settings\lolek.787F84AB93E84C4\Menu Start\Programy\Autostart\winfirewall.exe



:Reg

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GLKQ Agent]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\king_mg]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lolek.787F84AB93E84C4^Menu Start^Programy^Autostart^winfirewall.exe]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\WINDOWS1\svchost.exe"=-



:Services

jqxqiadz



:Commands

[emptytemp]

[emptyflash]

[Reboot]

Kod:

:Files

C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Ask.com

C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Babylon

C:\Documents and Settings\lolek.787F84AB93E84C4\Dane aplikacji\Toolbar4

C:\Program Files\eType Toolbar



:Reg

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eTypeToolbarHelper]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^lolek.787F84AB93E84C4^Menu Start^Programy^Autostart^runctf.lnk]