Prosze o sprawdzenie loga z OTL

[Dejwido]

Witam. Proszę o sprawdzenie loga z OTL.
Extras Dostępne tylko dla zarejestrowanych użytkowników
OTL Dostępne tylko dla zarejestrowanych użytkowników

[kominekl]

Witam. Proszę o sprawdzenie loga z OTL.
Extras Dostępne tylko dla zarejestrowanych użytkowników
OTL Dostępne tylko dla zarejestrowanych użytkowników

Każdy ma mieć własny temat. Proszę wydzielić.

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"UnityWebPlayer" = Unity Web Player
"Rejestracja użytkownika drukarki Canon MP140 series" = Rejestracja użytkownika drukarki Canon MP140 series

Odinstaluj.

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = agoogle.pl
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dawid\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
O4 - Startup: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook)
F3:64bit: - HKCU WinNT: Load - (C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat) - File not found
F3 - HKCU WinNT: Load - (C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Dostępne tylko dla zarejestrowanych użytkowników (Reg Error: Key error.)
[2013-03-27 21:14:09 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Systweak
[2013-03-14 21:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013-03-14 21:59:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013-03-26 21:44:00 | 035,689,360 | ---- | C] () -- C:\Users\Dawid\Desktop\Eu1roTru1ckSi1mulator2_1_1_1_patch.exe
[2012-09-15 10:42:07 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AVG
[2012-11-13 18:51:50 | 000,000,000 | RHSD | M] -- C:\Users\Dawid\AppData\Roaming\System32
[2013-03-27 21:54:41 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Systweak
[2013-02-01 21:44:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software
[2011-09-18 19:55:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Unity

:Files
C:\Program Files (x86)\Google\Update
C:\Users\Dawid\AppData\Local\Google\Update
C:\Users\Dawid\AppData\Local\Facebook

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z TDSSKiller + log z Dostępne tylko dla zarejestrowanych użytkowników (z opcji Delete) + nowe logi z OTL.

[Dejwido]

Log z usuwania:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ deleted successfully.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0\ not found.
File C:\Users\Dawid\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll not found.
C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe moved successfully.
64bit-Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat scheduled to be deleted on reboot.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Users\Dawid\AppData\Roaming\Systweak folder moved successfully.
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
C:\ProgramData\TuneUp Software\TuneUp Utilities\Program Statistics folder moved successfully.
C:\ProgramData\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\ProgramData\TuneUp Software\TU2013 folder moved successfully.
Folder move failed. C:\ProgramData\TuneUp Software scheduled to be moved on reboot.
C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
C:\Users\Dawid\Desktop\Eu1roTru1ckSi1mulator2_1_1_1_patch.exe moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\TuningIndex folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\StartUp Manager folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Speed Optimizer folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Dashboard folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG folder moved successfully.
C:\Users\Dawid\AppData\Roaming\System32 folder moved successfully.
Folder C:\Users\Dawid\AppData\Roaming\Systweak\ not found.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\AWL2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\AWL2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs\www_2enplay_2ecom folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs\cloud_2enplay_2ecom folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity folder moved successfully.
========== FILES ==========
C:\Program Files (x86)\Google\Update\Offline\{31CAEF16-AE6F-4477-BAD7-3DDBDE00BD95} folder moved successfully.
C:\Program Files (x86)\Google\Update\Offline folder moved successfully.
C:\Program Files (x86)\Google\Update\Install folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0 folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB} folder moved successfully.
C:\Program Files (x86)\Google\Update\Download folder moved successfully.
C:\Program Files (x86)\Google\Update\1.3.21.124 folder moved successfully.
C:\Program Files (x86)\Google\Update folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Install folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57 folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135 folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\fbmessenger.cache\Local Storage folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\fbmessenger.cache folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0\locales folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0 folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\CrashReports folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Dawid
->Temp folder emptied: 174007375 bytes
->Temporary Internet Files folder emptied: 2612137 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 180734785 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1122 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gosia
->Temp folder emptied: 6218991 bytes
->Temporary Internet Files folder emptied: 131514725 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 386304986 bytes
->Flash cache emptied: 58675 bytes

User: Gość
->Temp folder emptied: 19700246 bytes
->Temporary Internet Files folder emptied: 485725913 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 4853 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 444654 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 323,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03302013_143616

Files\Folders moved on Reboot...
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\TuneUp Software scheduled to be moved on reboot.
C:\Users\Dawid\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
64bit-Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat deleted successfully.

[kominekl]

Log z usuwania:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ deleted successfully.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0\ not found.
File C:\Users\Dawid\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll not found.
C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe moved successfully.
64bit-Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat scheduled to be deleted on reboot.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Users\Dawid\AppData\Roaming\Systweak folder moved successfully.
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
C:\ProgramData\TuneUp Software\TuneUp Utilities\Program Statistics folder moved successfully.
C:\ProgramData\TuneUp Software\TuneUp Utilities folder moved successfully.
C:\ProgramData\TuneUp Software\TU2013 folder moved successfully.
Folder move failed. C:\ProgramData\TuneUp Software scheduled to be moved on reboot.
C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
C:\Users\Dawid\Desktop\Eu1roTru1ckSi1mulator2_1_1_1_patch.exe moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\TuningIndex folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\StartUp Manager folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Speed Optimizer folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Dashboard folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG\AWL2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\AVG folder moved successfully.
C:\Users\Dawid\AppData\Roaming\System32 folder moved successfully.
Folder C:\Users\Dawid\AppData\Roaming\Systweak\ not found.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\AWL2012\Backups folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software\AWL2012 folder moved successfully.
C:\Users\Dawid\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs\www_2enplay_2ecom folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs\cloud_2enplay_2ecom folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity\WebPlayerPrefs folder moved successfully.
C:\Users\Dawid\AppData\Roaming\Unity folder moved successfully.
========== FILES ==========
C:\Program Files (x86)\Google\Update\Offline\{31CAEF16-AE6F-4477-BAD7-3DDBDE00BD95} folder moved successfully.
C:\Program Files (x86)\Google\Update\Offline folder moved successfully.
C:\Program Files (x86)\Google\Update\Install folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0 folder moved successfully.
C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB} folder moved successfully.
C:\Program Files (x86)\Google\Update\Download folder moved successfully.
C:\Program Files (x86)\Google\Update\1.3.21.124 folder moved successfully.
C:\Program Files (x86)\Google\Update folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Install folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57 folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\Download folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update\1.3.21.135 folder moved successfully.
C:\Users\Dawid\AppData\Local\Google\Update folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\fbmessenger.cache\Local Storage folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\fbmessenger.cache folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0\locales folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4590.0 folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\Messenger folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook\CrashReports folder moved successfully.
C:\Users\Dawid\AppData\Local\Facebook folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Dawid
->Temp folder emptied: 174007375 bytes
->Temporary Internet Files folder emptied: 2612137 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 180734785 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1122 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gosia
->Temp folder emptied: 6218991 bytes
->Temporary Internet Files folder emptied: 131514725 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 386304986 bytes
->Flash cache emptied: 58675 bytes

User: Gość
->Temp folder emptied: 19700246 bytes
->Temporary Internet Files folder emptied: 485725913 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 4853 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 444654 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 323,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03302013_143616

Files\Folders moved on Reboot...
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\TuneUp Software scheduled to be moved on reboot.
C:\Users\Dawid\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
64bit-Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Dawid\LOCALS~1\Temp\msubiey.bat deleted successfully.

OK. Wykonaj resztę instrukcji.

[Dejwido]

log z ADWCleaner (z opcji delete):
# AdwCleaner v2.115 - Log utworzony 30/03/2013 o 17:52:07
# Aktualizacja 17/03/2013 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : Dawid - GOSIA-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Users\Dawid\Desktop\adwcleaner.exe
# Opcja [Usuń]


***** [Usługi] *****


***** [Pliki / Foldery] *****


***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\Softonic

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Rejestr w porządku.

-\\ Google Chrome v24.0.1312.57

Plik : C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Plik w porządku.

Plik : C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Preferences

Usunięto [l.51] : keyword = "babylon.com",
Usunięto [l.54] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=112060&tt=120812_bandext_3312_[...]

-\\ Opera v [Nie udało się określić wersji]

Plik : C:\Users\Dawid\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Plik w porządku.

*************************

AdwCleaner[R1].txt - [10377 octets] - [27/03/2013 20:14:24]
AdwCleaner[R2].txt - [1436 octets] - [27/03/2013 20:34:11]
AdwCleaner[S1].txt - [374 octets] - [27/03/2013 20:22:35]
AdwCleaner[S2].txt - [9941 octets] - [27/03/2013 20:23:20]
AdwCleaner[S3].txt - [1439 octets] - [27/03/2013 20:35:51]
AdwCleaner[S4].txt - [1411 octets] - [30/03/2013 17:52:07]

########## EOF - C:\AdwCleaner[S4].txt - [1471 octets] ##########

[kominekl]

log z ADWCleaner (z opcji delete):
# AdwCleaner v2.115 - Log utworzony 30/03/2013 o 17:52:07
# Aktualizacja 17/03/2013 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)
# Użytkownik : Dawid - GOSIA-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Users\Dawid\Desktop\adwcleaner.exe
# Opcja [Usuń]


***** [Usługi] *****


***** [Pliki / Foldery] *****


***** [Rejestr] *****

Klucz Usunięto : HKCU\Software\Softonic

***** [Przeglądarki Internetowe] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Rejestr w porządku.

-\\ Google Chrome v24.0.1312.57

Plik : C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Plik w porządku.

Plik : C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Preferences

Usunięto [l.51] : keyword = "babylon.com",
Usunięto [l.54] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=112060&tt=120812_bandext_3312_[...]

-\\ Opera v [Nie udało się określić wersji]

Plik : C:\Users\Dawid\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Plik w porządku.

*************************

AdwCleaner[R1].txt - [10377 octets] - [27/03/2013 20:14:24]
AdwCleaner[R2].txt - [1436 octets] - [27/03/2013 20:34:11]
AdwCleaner[S1].txt - [374 octets] - [27/03/2013 20:22:35]
AdwCleaner[S2].txt - [9941 octets] - [27/03/2013 20:23:20]
AdwCleaner[S3].txt - [1439 octets] - [27/03/2013 20:35:51]
AdwCleaner[S4].txt - [1411 octets] - [30/03/2013 17:52:07]

########## EOF - C:\AdwCleaner[S4].txt - [1471 octets] ##########

W ADWCleaner -> Odinstaluj.

Komentarz.

Logi podajemy na Dostępne tylko dla zarejestrowanych użytkowników, a w temacie podawaj tylko link do swojego loga.

[Dejwido]

Log z TDSSKiller:
Dostępne tylko dla zarejestrowanych użytkowników

-- 30 mar 2013, 19:33 --

Log z OTL:
Dostępne tylko dla zarejestrowanych użytkowników

[kominekl]

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
[2013-03-28 21:11:10 | 544,087,432 | -H-- | C] (SCS Software ) -- C:\Users\Dawid\Desktop\EuroTruckSimulator2_setup.exe

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z Autoruns.

[Dejwido]

Log z usuwania:
Dostępne tylko dla zarejestrowanych użytkowników

[kominekl]

Log z usuwania:
Dostępne tylko dla zarejestrowanych użytkowników

OK. Czekamy na Autoruns.

[Dejwido]

OK.

[kominekl]

OK.

Jak już go zrobisz to pamiętaj, że ma być w formie pliku .ARN, wrzucony na hosting .

[Dejwido]

Mam małe pytanko jeszcze. Jak stworzyć log w Autoruns? I jak go wrzucić na hosting. Sorki że robię takie problemy, ale nigdy jeszcze tego nie robiłem . Więc jakbyś mógł to wytłumacz mi

[kominekl]

Mam małe pytanko jeszcze. Jak stworzyć log w Autoruns? I jak go wrzucić na hosting. Sorki że robię takie problemy, ale nigdy jeszcze tego nie robiłem . Więc jakbyś mógł to wytłumacz mi

Tam podałem instrukcję . W Autoruns wybierasz File -> Save, a dalej to na powiedzmy -> Dostępne tylko dla zarejestrowanych użytkowników .

[Dejwido]

Ej wrzuciłem już go na hosting i co dalej? O.o

-- 01 kwi 2013, 20:20 --

Pomożesz??

-- 01 kwi 2013, 20:36 --

Dostępne tylko dla zarejestrowanych użytkowników]AutoRuns.arn