Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety •
Prośba o sprawdzenie loga. - Wersja do druku

+- Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety • (https://windows7forum.pl)
+-- Dział: Pomoc i wsparcie, Windows 7 (/pomoc-i-wsparcie-windows-7-26-f)
+--- Dział: Bezpieczeństwo Windows 7 (/bezpieczenstwo-windows-7-15-f)
+---- Dział: Logi (/logi-54-f)
+---- Wątek: Prośba o sprawdzenie loga. (/prosba-o-sprawdzenie-loga-27235-t)

Prośba o sprawdzenie loga. - czekal - 07.10.2012 16:31

Witam. Mam chyba wirusa bo zżera mi strasznie pamiec, a komputer kiedy ja nic nie robie nad czymś "mysli",tzn przy kursorze myszki pojawia sie to kręcące kółeczko co jakis czas. Log w linku.

http://wklej.org/id/843047/

RE: Prośba o sprawdzenie loga. - Illidan - 08.10.2012 23:16

Witam
Uruchom "OTL" jako "Administrator" i w "Własne opcje skanowania/skrypt" wklej:

Kod:
: OTL
IE: [b]64bit: [/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE: [b]64bit: [/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about: blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C: \Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about: blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about: blank
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about: blank
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http: //www.internetscout.biz/google/?q={searchTerms}
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http: //www.pagessyndication.com/google/iesearch.php
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\..\SearchScopes\{7E393A76-B290-4911-9C41-B78C9344EC21}:  "URL" = http: //www.internetscout.biz/google/?q={searchTerms}
FF - user.js - File not found
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  C: \Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0:  C: \Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0:  C: \Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0:  C: \Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0:  C: \Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:   File not found
O3 - HKU\S-1-5-21-2419177932-1874758792-337991142-1000\..\Toolbar\WebBrowser:  (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKU\S-1-5-21-2419177932-1874758792-337991142-1000..\Run:  [Desktop Media Player] "C: \Users\Marian\AppData\Desktop Media Player\taskbarplayer.exe" File not found
O4 - HKU\S-1-5-21-2419177932-1874758792-337991142-1000..\Run:  [Microsoft® Windows® Operating System] C: \Users\Marian\AppData\Roaming\Microsoft\Windows\Templates\msadrh10.exe File not found
O8: [b]64bit: [/b] - Extra context menu item:  Add to Google Photos Screensa&ver - res: //C: \Windows\system32\GPhotos.scr/200 File not found
O8: [b]64bit: [/b] - Extra context menu item:  E&xport to Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8: [b]64bit: [/b] - Extra context menu item:  Se&nd to OneNote - res: //C: \PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item:  E&xport to Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item:  Se&nd to OneNote - res: //C: \PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O13[b]64bit: [/b] - gopher Prefix:  missing
O13 - gopher Prefix:  missing
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Filter\text/xml - No CLSID value found

: Commands
[emptytemp]

Dalej "Wykonaj skrypt"/Po restarcie pokaż raport z usuwania. Proszę tez o pokazanie drugiego logu który wygenerował "OTL" (Extras).