Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek dla www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Zamulony laptop - Lapek brata wolno działa

31 Sie 2013 22:58 1503 2
  • Poziom 7  
    Mój brat, jako że dużego doświadczenia z internetami nie ma, zamulił sobie komputer wirusami, wydajność sprzętu spadła.

    Link
    Link

    Będę wdzięczny za każdą możliwą pomoc.
    I wskazówki, które mógłbym przekazać bratu w jego internetowych podbojach
  • Spec od komputerów
    Odinstaluj:
    Yontoo 1.10.03
    SweetPacks bundle uninstaller
    BrowserProtect
    SweetIM for Messenger 3.7
    Update Manager for SweetPacks 1.1
    DefaultTab
    Delta toolbar
    Delta Chrome Toolbar
    Hola Chrome Toolbar
    holasearch toolbar
    Qtrax Player
    Akamai NetSession Interface
    Qtrax Connection Manager
    McAfee

    Uzyj AdwCleaner, opcja Scan i Clean:
    http://www.bleepingcomputer.com/download/adwcleaner/

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Wykonaj skrypt w OTL:

    :OTL
    PRC - [2013-07-26 12:11:20 | 002,847,696 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
    PRC - [2013-07-22 14:30:36 | 000,107,520 | ---- | M] () -- C:\Users\gomezio\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    PRC - [2012-08-15 20:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
    SRV - [2013-07-26 12:11:20 | 002,847,696 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
    SRV - [2013-07-22 14:30:36 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\gomezio\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
    SRV - [2013-02-11 09:42:26 | 000,572,928 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=9CC494DBC99ABC00&affID=119357&tsp=4952
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=9CC494DBC99ABC00&affID=119357&tsp=4952
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=121962&babsrc=SP_ss_bay2g&mntrId=9CC43085A90E3D77
    IE - HKU\S-1-5-21-421443868-2832138093-2708976445-1002\..\SearchScopes\{78DC38EA-FDF6-4F1E-9E56-3397D77A2B51}: "URL" = http://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}
    O2 - BHO: (SelectionLinks) - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll (SelectionLinks)
    O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\gomezio\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
    O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
    O2 - BHO: (holasearch Helper Object) - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com)
    O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
    O3 - HKLM\..\Toolbar: (Holasearch Toolbar) - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
    O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
    O4 - HKU\S-1-5-21-421443868-2832138093-2708976445-1002..\Run: [QtraxNotification] C:\Users\gomezio\Qtrax\Player\Notification.exe ()
    O20 - AppInit_DLLs: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
    [2013-08-19 16:35:34 | 000,002,359 | ---- | M] () -- C:\Users\gomezio\Desktop\Qtrax Player.lnk
    [2013-03-30 17:11:38 | 000,114,176 | ---- | C] () -- C:\Users\gomezio\AppData\Roaming\BabMaint.exe
    [2013-03-18 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\BabSolution
    [2012-12-03 21:49:31 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\Babylon
    [2013-07-22 14:30:35 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\DefaultTab
    [2013-03-18 09:25:22 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\Delta
    [2013-04-03 18:55:24 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\File Scout
    [2013-04-03 18:55:32 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\holasearch
    [2012-12-03 22:56:16 | 000,000,000 | ---D | M] -- C:\Users\gomezio\AppData\Roaming\OpenCandy

    :Commands
    [emptytemp]

    Po wykonaniu daj nowy log z OTL, ze skanowania.
  • Poziom 10  
    Po zrobieniu tego, co napisał kolega wyżej, niech spróbuje defragmentację zrobić.