Witamy na forum PC Format Zapraszamy do REJESTRACJI


Użytkownicy przeglądający ten wątek: 1 gości

Problem z laptopem, znacznie zwolnił. Prośba o sprawdzenie logów

#1
Problem z laptopem, znacznie zwolnił. Prośba o sprawdzenie logów
Jak w temacie. Laptop nie mój, ale zdołałem znaleźć jednego winowajce:
http://www.elektroda.pl/rtvforum/topic2589207.html <- to samo co w tym temacie, ale nie znam się na tyle, żeby ryzykować bawienie się samemu. Tym samym, proszę o pomoc Wesoły
Załączam logi

RSIT
log.txt

DDS
DDS.txt
attach.txt

OTS
OTL.txt
extras.txt

Z góry dziękuje za pomoc i pozdrawiam
Elaś
 System operacyjny: windows_xp_2003 Przeglądarka: chrome
#2
RE: Problem z laptopem, znacznie zwolnił. Prośba o sprawdzenie logów
Odinstaluj TeamViewer, DEMONTools

Wykonaj skrypt w OTL:

Kod:
:OTL

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={ACBBCFAD-22A6-11E2-82CF-001BB1627FCA}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={ACBBCFAD-22A6-11E2-82CF-001BB1627FCA}
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=b8bdd4ad000000000000001bb14fb09a
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BOO&o=19244&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=4G&apn_dtid=YYYYYYYYPL&apn_uid=312336F6-15DB-43F4-BF2D-CE50BB2491EA&apn_sauid=6CF0242B-665E-48AB-B9F2-8865D06B3DC3
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{327686CA-E0B4-4756-8300-D30F649351E7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={ACBBCFAD-22A6-11E2-82CF-001BB1627FCA}
IE - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaulturl: "http://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50ffwinamp&s_qt=sb&tb_uuid=20121122114517353&tb_oid=07-12-2010&tb_mrud=22-11-2012&query="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: superstart%40enjoyfreeware.org:6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.8.7
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&s_qt=ab&s_it=tb50ffwinamp&tb_uuid=20121122114517353&tb_oid=07-12-2010&tb_mrud=22-11-2012&q="
FF - prefs.js..network.proxy.ftp: "w3casche.tpnet.pl"
[2010/12/05 16:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mariola\AppData\Roaming\mozilla\Extensions
[2013/06/15 20:23:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mariola\AppData\Roaming\mozilla\Firefox\Profiles\dcy41xak.default\extensions
[2013/06/15 20:23:18 | 000,142,398 | ---- | M] () (No name found) -- C:\Users\Mariola\AppData\Roaming\mozilla\firefox\profiles\dcy41xak.default\extensions\tabscope@xuldev.org.xpi
[2013/06/06 21:48:18 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Mariola\AppData\Roaming\mozilla\firefox\profiles\dcy41xak.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/06/06 20:45:56 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Mariola\AppData\Roaming\mozilla\firefox\profiles\dcy41xak.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

[2012/11/19 22:50:35 | 000,000,000 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/09/27 19:25:17 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
CHR - homepage: http://www.my-online-search.com/?babsrc=HP_ofln&mntrId=B8BD001BB14FB09A&cat=delta&dlb=2&affID=119357
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-3953819830-622224066-1830746929-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O33 - MountPoints2\{3fce8a40-7b3e-11e0-8821-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{3fce8a40-7b3e-11e0-8821-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{3fce8a48-7b3e-11e0-8821-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{3fce8a48-7b3e-11e0-8821-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{4b255c80-ce3f-11e0-9df1-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{4b255c80-ce3f-11e0-9df1-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{4b255c90-ce3f-11e0-9df1-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{4b255c90-ce3f-11e0-9df1-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{72e32599-7c22-11e0-a768-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{72e32599-7c22-11e0-a768-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{72e325a2-7c22-11e0-a768-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{72e325a2-7c22-11e0-a768-001bb1627fca}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b672b2d4-13fb-11e0-af72-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{b672b2d4-13fb-11e0-af72-001bb1627fca}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{bdfecf5a-815f-11e0-8716-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{bdfecf5a-815f-11e0-8716-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{bdfecf5d-815f-11e0-8716-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{bdfecf5d-815f-11e0-8716-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{d34d7a09-f641-11e0-a9df-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{d34d7a09-f641-11e0-a9df-001bb1627fca}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{d549a9c0-2361-11e1-90a9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d549a9c0-2361-11e1-90a9-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{f74853c1-82b3-11e0-9cb8-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{f74853c1-82b3-11e0-9cb8-001bb1627fca}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f74853d9-82b3-11e0-9cb8-001bb1627fca}\Shell - "" = AutoRun
O33 - MountPoints2\{f74853d9-82b3-11e0-9cb8-001bb1627fca}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe
[2013/05/18 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\Mariola\Qtrax
[2013/05/18 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\Mariola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QTRAX
[2013/05/18 21:31:10 | 000,000,000 | ---D | C] -- C:\Users\Mariola\AppData\Roaming\DSite
[2011/09/27 19:25:15 | 000,000,000 | ---D | M] -- C:\Users\Mariola\AppData\Roaming\Babylon
[2013/03/17 21:40:10 | 000,000,000 | ---D | M] -- C:\Users\Mariola\AppData\Roaming\DAEMON Tools Lite
[2013/05/18 21:31:10 | 000,000,000 | ---D | M] -- C:\Users\Mariola\AppData\Roaming\DSite


:files

C:\Windows\tasks\DSite.job
C:\Windows\tasks\DSite.job

:Commands
[emptytemp]
na koniec
Kliknij sprzątanie
 System operacyjny: windows_seven Przeglądarka: chrome
Programy: Polecane / Nowe / Inne




Podobne wątki (Problem z laptopem, znacznie zwolnił. Prośba o sprawdzenie logów)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Prośba o sprawdzenie logów - podejrzane działanie systemu Azrael 1 269 07.11.2019, 10:33
Ostatni post: morderca
  LOGI - Prośba o sprawdzenie kamil1249 2 238 05.11.2019, 18:20
Ostatni post: kamil1249
  Wielka prośba o sprawdzenie logów (kradzież) bboygutass 3 635 10.10.2019, 13:38
Ostatni post: morderca

Skocz do:


Wybrane wątki (Problem z laptopem, znacznie zwolnił. Prośba o sprawdzenie logów)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Skan FRST, potrzeba fixlisty Krakem 1 1847 13.07.2019 17:25
Ostatni post: broda99
  Analiza logów tedolf 3 1906 29.06.2019 06:22
Ostatni post: morderca
  Prośba o Analize logów Fifiek 2 1906 24.06.2019 19:14
Ostatni post: Fifiek
  Analiza logów frst baro990 1 1950 13.06.2019 11:16
Ostatni post: morderca
  Prośba o sprawdzenie logów SaltatorFight 2 2124 07.06.2019 21:50
Ostatni post: SaltatorFight
Ściana Czyszczenie Logami desant 8 4179 06.06.2019 14:09
Ostatni post: morderca
  Prośba o sprawdzenie logów SaltatorFight 0 1919 06.06.2019 01:09
Ostatni post: SaltatorFight
  Prośba o sprawdzenie loga ricardo59 2 2161 24.05.2019 14:10
Ostatni post: ricardo59
  Brontok - proszę o sprawdzenie logów krymeq 3 2480 10.05.2019 09:05
Ostatni post: morderca
  Proszę o sprawdzenie loga ricardo59 2 2432 05.05.2019 07:36
Ostatni post: ricardo59
  Proszę sprawdzić mi logi. www.hubaiitv.pl 2 2361 02.05.2019 08:17
Ostatni post: www.hubaiitv.pl
  Prośba o sprawdzenie logów. bartosz777 3 2385 01.05.2019 11:13
Ostatni post: morderca
  Kłopot z pocztą, prośba o sprawdzenie logów filefox 1 2104 27.04.2019 08:05
Ostatni post: morderca
  Prośba, sprawdzenie logów Christianooo 8 2436 11.04.2019 18:44
Ostatni post: Christianooo
  Prosze o sprawdzenie loga ricardo59 1 2177 28.03.2019 12:38
Ostatni post: morderca