Prośba o sprawdzenie logów

[karolekarolcia]

Dostępne tylko dla zarejestrowanych użytkowników


Regulamin bezpieczeństwa

Proszę nie korzystać z tagów QUOTE oraz CODE
Do wrzucania logów korzystamy tylko i jedynie z serwisu Dostępne tylko dla zarejestrowanych użytkowników

Proszę zastosować się do regulaminu/przeczytać, opisać z czym masz problem,
jakie kroki zostały podjęte itd.
XMan.

[kominekl]

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.574
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.03
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = Babylon Chrome Toolbar
"AVG Secure Search" = AVG Security Toolbar
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"1ClickDownload" = FTDownloader
"BabylonToolbar" = Babylon toolbar
"Battlelog Web Plugins" = Battlelog Web Plugins
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"UnityWebPlayer" = Unity Web Player
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"WNLT" = IB Updater Service
"Softonic" = Softonic toolbar on IE
"TUTO4PC_is1" = TUTO4PC
"tuto4pc_pl_6_is1" = tuto4pc_pl_6
"incredibar" = Incredibar Toolbar on IE
"Zune" = Zune

Odinstaluj to oprogramowanie (Zune tylko w przypadku, gdy nie używasz).

CHR - homepage: Dostępne tylko dla zarejestrowanych użytkowników

Dostępne tylko dla zarejestrowanych użytkowników.

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników{CA61CAAE-46B5-11E2-A37E-3085A993D0FD}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&crg=3.1010000.10002&barid={CA61CAAE-46B5-11E2-A37E-3085A993D0FD}
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&affID=119535&babsrc=SP_ss&mntrId=C0113085A993D0FD
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searc}
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{8BA2B24B-A816-4DBD-BA2D-E4161FCA25D3}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{C93156D6-ABA9-4772-B3D6-DCAA109FCD22}&mid=b82ccdcacce94a29a609a34236037b29-9186f0ae508a778003fb77779a8951c9d5528274&lang=pl&ds=ax011&pr=&d=2012-12-12 22:02:47&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{B4A7470E-810F-4A8A-9658-B4560319E0B2}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{B50579C4-D6B4-4361-9665-A8FDFC07A21E}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&cc=&r=429
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{C5572294-8F71-4B39-8491-AA321D5BCF85}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&loc=IB_DS&a=6PQTh60GCG&i=26
IE - HKU\S-1-5-21-1386151057-253573524-3365237324-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&crg=3.1010000.10002&barid={CA61CAAE-46B5-11E2-A37E-3085A993D0FD}
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-27 19:19:08 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013-02-27 19:19:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-19 07:33:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013-02-27 19:19:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013-02-27 19:19:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013-04-12 16:47:55 | 000,000,000 | ---D | M]
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnicibfhgjnjneeglhmpcaadoidafldl\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.574_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec\7_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnicibfhgjnjneeglhmpcaadoidafldl\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.574_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec\7_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-1386151057-253573524-3365237324-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1386151057-253573524-3365237324-1000..\Run: [MSConfig] C:\Users\ja\ckme.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1386151057-253573524-3365237324-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
[2013-04-12 16:48:02 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Systweak
[2013-04-12 16:48:00 | 000,019,896 | ---- | C] (Systweak Inc., (Dostępne tylko dla zarejestrowanych użytkowników)) -- C:\Windows\SysNative\roboot64.exe
[2013-04-12 16:48:00 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013-04-12 16:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013-04-12 16:47:43 | 000,000,000 | ---D | C] -- C:\Users\ja\AppData\Roaming\Delta
[2013-04-10 17:58:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013-04-10 17:58:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2012-12-18 18:51:31 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Babylon
[2013-04-12 16:47:43 | 000,000,000 | ---D | M] -- C:\Users\ja\AppData\Roaming\Delta

:Services
gupdate
gupdatem

:Files
C:\Program Files (x86)\Google\Update
C:\Windows\tasks\*.*
C:\Users\ja\AppData\Roaming\BabMaint.exe

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z Dostępne tylko dla zarejestrowanych użytkowników (z opcji Delete) + log z TDSSKiller + nowe logi z OTL.