Премини към съдържанието
svetlio`

Не мога да отварям facebook [ПРИКЛЮЧЕНА ПО ЖЕЛАНИЕ НА ПОТРЕБИТЕЛЯ]

Препоръчан отговор

публикувано (редактирано)

Не мога да отварям facebook от какъвто и да било браузър! Всички други страници ги отварям, но този сайт не мога, знаете ли как да го оправя? Може би нещо блокира сайта?Изчистих кеша но не стана...

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Възможно е да имате запис в hosts файла, който да е отговорен за това положение.

Следвайте инструкциите от тази тема

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Чакайте сега ще дам лог Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:58:46 ч., on 22.7.2011 г. Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Users\Desi\AppData\Local\Temp\TeamViewer\Version6\TeamViewer.exe C:\hijackthis\Trend Micro\HiJackThis\post.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:57778 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Desi\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF42170-BB63-411F-802B-94F9ADE23C36}: NameServer = 10.250.238.3 10.250.238.4 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\Program Files\mcafee\VirusScan\mcods.exe (file missing) O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe (file missing) O23 - Service: McAfee Firewall Core Service (mfefire) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe (file missing) O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Услугата Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15719 bytes Айде помагайте

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Момент...кой Ви е искал лог от HijackThis ? В темата която съм посочил се изисква лог от DDS. И какво значи "Хайде помагайте" - да не сме на заплати случайно...без препиране моля. :) Очаквам лог от DDS за да видя с какво си имаме работа за да знам как да процедираме.

  • Харесва ми 5

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това са логовете от DDS скрипта

DDS.txt

DDS (Ver_11-05-19.01) - NTFSx86

Internet Explorer: 8.0.7600.16385

Run by Desi at 20:28:42 on 2011-07-22

.

============== Running Processes ===============

.

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe

C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Desi\Desktop\dds.scr

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = about:blank

uInternet Settings,ProxyServer = http=127.0.0.1:57778

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant =

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

uRun: [Google Update] "C:\Users\Desi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [DriverMax]

uRun: [DriverMax_RESTART]

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart

mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

mRun: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

mRun: [<NO NAME>]

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [tray_ico]

mRun: [tray_ico2]

mRun: [tray_ico3]

mRun: [tray_ico4]

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableSecureUIAPaths = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

mPolicies-system: EnableLinkedConnections = 1 (0x1)

IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: {6DF42170-BB63-411F-802B-94F9ADE23C36} = 10.250.238.3 10.250.238.4

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB-X64: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

mRun-x64: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

mRun-x64: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

mRun-x64: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

mRun-x64: [igfxTray] C:\Windows\system32\igfxtray.exe

mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

mRun-x64: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3

mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

mRun-x64: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun-x64: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

mRun-x64: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

mRun-x64: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

mRun-x64: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=2200819f00000000000000a0c6000000&tlver=1.4.19.19&instlRef=sst&affID=17160&q=

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 57778

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll

FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Desi\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R? BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service

R? cfwids;McAfee Inc. cfwids

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

R? massfilter;MBB Mass Storage Filter Driver

R? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service

R? McMPFSvc;McAfee Personal Firewall Service

R? McNaiAnn;McAfee VirusScan Announcer

R? McOobeSv;McAfee OOBE Service

R? McProxy;McAfee Proxy Service

R? McShield;McShield

R? mfefire;McAfee Firewall Core Service

R? mferkdet;McAfee Inc. mferkdet

R? mfevtp;McAfee Validation Trust Protection Service

R? osppsvc;Office Software Protection Platform

R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader

R? TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO)

R? WatAdminSvc;Windows Activation Technologies Service

S? AntiVirFirewallService;Avira FireWall

S? AntiVirMailService;Avira AntiVir MailGuard

S? AntiVirSchedulerService;Avira AntiVir Scheduler

S? AntiVirService;Avira AntiVir Guard

S? AntiVirWebService;Avira AntiVir WebGuard

S? avfwim;AvFw Packet Filter Miniport

S? avfwot;avfwot

S? avgntflt;avgntflt

S? CeKbFilter;CeKbFilter

S? cfWiMAXService;ConfigFree WiMAX Service

S? ConfigFree Service;ConfigFree Service

S? cvhsvc;Client Virtualization Handler

S? HECIx64;Intel® Management Engine Interface

S? IconMan_R;IconMan_R

S? Impcd;Impcd

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? mfeavfk;McAfee Inc. mfeavfk

S? mfefirek;McAfee Inc. mfefirek

S? mfehidk;McAfee Inc. mfehidk

S? mfenlfk;McAfee NDIS Light Filter

S? mfewfpk;McAfee Inc. mfewfpk

S? PGEffect;Pangu effect driver

S? RTL8167;Realtek 8167 NT Driver

S? RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver

S? Sftfs;Sftfs

S? sftlist;Application Virtualization Client

S? Sftplay;Sftplay

S? Sftredir;Sftredir

S? Sftvol;Sftvol

S? sftvsa;Application Virtualization Service Agent

S? TMachInfo;TMachInfo

S? TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service

S? UNS;Intel® Management & Security Application User Notification Service

S? VmbService;“б«гЈ в  Vodafone Mobile Broadband

S? vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum

S? vwififlt;Virtual WiFi Filter Driver

S? ZTEusbvoice;ZTE VoUSB Port

S? ZTEusbwwan;ZTE MBN Miniport

.

=============== Created Last 30 ================

.

2011-07-22 16:58:24 388096 ----a-r- C:\Users\Desi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-07-22 16:55:25 -------- d-----w- C:\Users\Desi\AppData\Roaming\TeamViewer

2011-07-22 16:50:54 3248416 ----a-w- C:\TeamViewer_Setup_bg.exe

2011-07-22 16:32:23 -------- d-----w- C:\hijackthis

2011-07-22 16:30:29 -------- d-----w- C:\Program Files (x86)\Trend Micro

2011-07-20 10:50:39 -------- d-----w- C:\Users\Desi\AppData\Local\Opera

2011-07-20 10:43:00 714216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

2011-07-20 10:43:00 265176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe

2011-07-20 10:43:00 19416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll

2011-07-20 10:43:00 166872 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll

2011-07-20 10:43:00 14232536 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll

2011-07-20 10:43:00 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll

2011-07-20 10:43:00 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

2011-07-20 10:43:00 105432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll

2011-07-20 10:14:47 -------- d-----w- C:\Users\Desi\AppData\Roaming\Avira

2011-07-20 10:08:46 131336 ----a-w- C:\Windows\SysWow64\drivers\avfwot.sys

2011-07-20 10:08:40 -------- d-----w- C:\ProgramData\Avira

2011-07-20 03:29:08 -------- d-----w- C:\Users\Desi\AppData\Roaming\Malwarebytes

2011-07-20 03:29:03 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-20 03:29:03 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-20 03:29:00 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-20 03:29:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-20 03:00:10 131336 ----a-w- C:\Windows\System32\drivers\avfwot.sys

2011-07-20 03:00:10 101984 ----a-w- C:\Windows\System32\drivers\avfwim.sys

2011-07-20 03:00:05 -------- d-----w- C:\Program Files (x86)\Avira

2011-07-20 02:44:55 -------- d--h--w- C:\Windows\update.tray-8-0-lnk

2011-07-20 02:44:55 -------- d--h--w- C:\Windows\update.tray-8-0

2011-07-20 02:39:34 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2011-07-20 02:03:24 -------- d-----w- C:\Users\Desi\AppData\Local\Innovative Solutions

2011-07-20 02:03:24 -------- d-----w- C:\ProgramData\Innovative Solutions

2011-07-20 02:03:19 -------- d-----w- C:\Program Files (x86)\Innovative Solutions

2011-07-19 23:24:48 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0

2011-07-18 18:38:04 -------- d-----w- C:\Windows\ufa

2011-07-18 18:38:04 -------- d-----w- C:\Windows\phoenix

2011-07-18 18:38:03 246272 ----a-w- C:\Windows\unrar.exe

2011-07-17 21:36:10 -------- d--h--w- C:\Windows\update.2

2011-07-17 21:31:13 -------- d--h--w- C:\Windows\update.5.0

2011-07-17 17:42:12 -------- d-----w- C:\Windows\av_ico

2011-07-17 17:39:51 -------- d--h--w- C:\Windows\update.1

2011-07-17 17:39:32 -------- d--h--w- C:\Windows\update.tray-9-0-lnk

2011-07-17 17:39:32 -------- d--h--w- C:\Windows\update.tray-9-0

2011-07-13 08:35:22 3134464 ----a-w- C:\Windows\System32\win32k.sys

2011-07-13 08:35:03 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-07-13 08:35:02 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-07-13 08:35:02 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-07-13 08:35:02 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-07-13 08:35:02 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-07-13 08:35:02 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-07-13 08:35:02 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-07-13 08:35:01 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-07-13 08:35:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-07-13 08:35:01 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-07-13 08:34:56 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-06-29 10:12:02 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-06-29 10:12:01 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-06-29 10:12:01 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-06-29 10:12:01 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-06-29 10:12:01 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

.

==================== Find3M ====================

.

2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll

2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-05-04 05:30:38 2326016 ----a-w- C:\Windows\System32\tquery.dll

2011-05-04 05:28:07 779264 ----a-w- C:\Windows\System32\mssvp.dll

2011-05-04 05:28:07 2228224 ----a-w- C:\Windows\System32\mssrch.dll

2011-05-04 05:28:06 75264 ----a-w- C:\Windows\System32\msscntrs.dll

2011-05-04 05:28:06 491520 ----a-w- C:\Windows\System32\mssph.dll

2011-05-04 05:28:06 288256 ----a-w- C:\Windows\System32\mssphtb.dll

2011-05-04 05:24:09 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe

2011-05-04 05:24:09 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe

2011-05-04 05:24:09 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe

2011-05-04 04:53:10 1553920 ----a-w- C:\Windows\SysWow64\tquery.dll

2011-05-04 04:52:59 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll

2011-05-04 04:52:59 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll

2011-05-04 04:52:59 337408 ----a-w- C:\Windows\SysWow64\mssph.dll

2011-05-04 04:52:59 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll

2011-05-04 04:52:59 1401856 ----a-w- C:\Windows\SysWow64\mssrch.dll

2011-05-04 04:52:12 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:52:12 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe

2011-05-04 04:52:12 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe

2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-05-03 05:21:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-05-03 04:50:29 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-04-29 03:13:10 461312 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-04-29 03:12:54 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-04-29 03:12:37 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-04-27 02:57:40 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys

2011-04-25 05:32:22 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-04-25 02:44:02 499712 ----a-w- C:\Windows\System32\drivers\afd.sys

.

============= FINISH: 20:30:05,81 ===============

......

Attach.txt

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.5

Advertising Center

Ask Toolbar

Avira Premium Security Suite

Bejeweled 2 Deluxe

Bing Bar

Bing Bar Platform

BitComet 1.26

BS.Player FREE

Chuzzle Deluxe

Diner Dash 2 Restaurant Rescue

DriverMax 5

eBay

FATE

Google Chrome

HiJackThis

ImagXpress

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 20

Jewel Quest II

Junk Mail filter update

Malwarebytes' Anti-Malware version 1.51.1.1800

Microsoft Choice Guard

Microsoft Default Manager

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox 5.0.1 (x86 bg)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 9 Essentials

Nero BackItUp

Nero BackItUp and Burn

Nero BurnRights

Nero BurnRights Help

Nero ControlCenter

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero RescueAgent

Nero StartSmart

Nero StartSmart Help

NeroExpress

neroxml

Opera 11.11

Penguins!

Photo Service - powered by myphotobook

PhotoScape

Picasa 3

Plants vs. Zombies

Polar Bowler

PrettyMay Call Recorder for Skype - Professional 3.0.5.18

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Skype Toolbars

Skype™ 5.3

SweetIM for Messenger 3.3

TOSHIBA Assist

TOSHIBA Bulletin Board

TOSHIBA ConfigFree

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Manuals

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

TOSHIBA Online Product Information

TOSHIBA Recovery Media Creator Reminder

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

Toshiba TEMPRO

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TRORMCLauncher

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

UseNeXT

Utility Common Driver

Vodafone Mobile Broadband Lite

WildTangent Games

WildTangent ORB Game Console

Winamp

Winamp Detector Plug-in

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Zuma Deluxe

.

==== End Of File ===========================

Момент...кой Ви е искал лог от HijackThis ?

В темата която съм посочил се изисква лог от DDS.

И какво значи "Хайде помагайте" - да не сме на заплати случайно...без препиране моля. :)

Очаквам лог от DDS за да видя с какво си имаме работа за да знам как да процедираме.

Ами преди беше така и затова :blink:

Хайде помагайте трябваше да звучи като молба, извинявам се ако има нещо :beer:


  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Така е по-добре...имате същия вариант като при последните няколко потребители.

Ще се наложи да използваме допълнителни инструменти:

Следвайте следната инструкция за работа с OTL:

  • Изтеглете OTL.exe и го запазете на десктопа.
  • Стартирайте файла Публикувано изображение с двукратен клик на мишката.
  • Сложете отметка пред Scan All Users Публикувано изображение
  • Под менюто File Age => изберете 90 days
  • Под менюто Standard Registry => променете на ALL
  • Сложете отметки пред LOP и Purity Check

  • Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):
netsvcs
msconfig
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
/md5start
hlp.dat
winlogon.exe
wininit.exe
userinit.exe
explorer.exe
volsnap.sys
/md5stop
  • Натиснете маркираният в синьо бутон: Публикувано изображение.
  • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение).
  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Преди да пристъпим към действие имам въпрос. Има остатъци от McAfee в лог файла...деинсталирана ли е, за да знам дали да премахна остатъците ? Ако не е деинсталирана е добре да бъде деинсталирана, защото имата и Avira, а наличието на две антивирусни е НЕДОПУСТИМО. :rolleyes:

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Ами mcafee не работеше както трябва дадох деинсталация и инсталирах авира

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Докато нашиша скрипта изтеглете този инструмент и премахнете остатъците от McAFee...

Спокойно...ще оправим hosts файла.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Cтартирайте пак OTL и с Copy/ Paste под колонката Custom Scans/Fixes въведете скриптовия текст от текстовото поле по-долу, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта!

:OTL
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55657
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55657
IE - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57778
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.100005
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57778
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=15570&locale=en_EU&apn_uid=4CDF5CD5-63D6-4EED-9044-148453F0FD33&apn_ptnrs=IP&apn_sauid=8E20B315-E183-488F-88E1-BBAB60B570FB&apn_dtid=YYYYYYYYBG&q="
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011/05/27 02:01:36 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011/06/02 21:48:11 | 000,000,000 | ---D | M] ("@@toolbarname@@") -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\toolbar@ask.com
[2011/05/31 22:23:41 | 000,002,395 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\askcom.xml
[2010/11/23 14:02:32 | 000,000,921 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\conduit.xml
[2011/05/27 02:01:33 | 000,003,915 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\sweetim.xml
O2:[b]64bit:[/b] - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  File not found
O2:[b]64bit:[/b] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -  File not found
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  File not found
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -  File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [mcui_exe]  File not found
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O4 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000..\Run: [DriverMax]  File not found
O4 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000..\Run: [DriverMax_RESTART]  File not found
O31 - SafeBoot: AlternateShell - services32.exe
[2011/07/20 05:44:55 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
[2011/07/20 05:44:55 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
[2011/07/18 21:38:04 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011/07/18 21:38:04 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011/07/18 00:36:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011/07/18 00:31:13 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011/07/17 20:42:12 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011/07/17 20:39:51 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011/07/17 20:39:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
[2011/07/17 20:39:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
[2011/07/18 21:39:31 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011/07/18 21:39:31 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011/07/18 21:38:03 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011/07/18 21:38:03 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011/07/18 21:38:03 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011/07/17 21:00:57 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011/07/19 22:22:34 | 000,000,180 | ---- | M] () -- C:\Windows\info1
[2011/07/17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011/05/27 02:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2011/05/27 02:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2011/07/20 05:22:03 | 000,005,396 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\2C3C.AED
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=dword:00000001
:commands
[resethosts]
[emptytemp]
След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Публикувано изображение

Ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

PS: Ако не се появи лог файл, отворете папката C:\_OTL\MovedFiles отворете лог файла и публикувайте съдържанието му в следващия си пост.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Лаптоп-а се изключи, това нормално ли е? Ами папките в са C:\_OTL\MovedFiles\07222011_220139 и вътре няма лог файл а лаптоп-а преди това се изключи

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ами незнам доколко е нормално...скрипта е правилен. Освен да опитате със скрипта отново...да не би лаптопа да е прегрял нещо ? Преди да повторите скрипта спрете Avira и Malwarebytes' Anti-Malware за да пречат на изпълнението на скрипта. Отивам да пия една бира и ще пиша след 1 час.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Какво стана ? :biggrin: Ако пак има проблеми ще се наложи да използваме по хард методики.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изпълни ли се скрипта и ако да, очаквам лог файл...не ме дръжте в неведение. :) Да не би да не виждате, че има втора страница отдолу и затова да не пишете ?

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Изключил се е отново http://www.kaldata.com/forums/public/style_emoticons/<#EMO_DIR#>/sad.gif

Да не бях видял че има втора страница, чак сега забелязах :P

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ок, за радост Combofix вече е съвместим с x64 Операционни Системи.

Направете следното:

1. Изтеглете ComboFix от BleepingComputer

и го запазете (бутон Save -> Save as) ComboFix на вашия десктоп:

Публикувано изображение

След приключване на изтеглянето на ComboFix, иконката на програмата би трябвало да изглежда така:

Публикувано изображение

2. Затворете всички работещи приложения, отворени прозорци и програми работещи във фонов режим. Спрете временно защитата в реално време на антивирусната програма и на другите програми за сигурност, ако има такива. За целта може да прегледате информацията от този линк: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.

3. Стартирайте с двоен клик Combofix.exe. Изберете YES, за да се съгласите с условията за използване на програмата. Важно: По време на работата на ComboFix не бива да се движи мишката и да се натискат клавиши от клавиатурата. Просто търпеливо оставете ComboFix да си свърши работата, без да използвате компютъра за други цели.

4. ComboFix ще провери дали Windows Recovery Console e инсталиранa.

*Ако Windows Recovery Console е инсталирана, ComboFix ще продължи работата си.

*Ако Windows Recovery Console не е инсталирана, ще е необходимо да използвате YES за инсталация на Windows Recovery Console Публикувано изображение

Забележка: Необходимо е да сте свързани към Интернет за да може Windows Recovery Console да се изтегли.

След инсталация на Windows Recovery Console потвърдете с YES, за да продължите напред. Снимка:

Публикувано изображение

5. ComboFix ще спре временно Интернет връзката, но след като приключи работата на програмата тази връзка ще бъде възстановена автоматично. ComboFix ще сканира за проблеми и за заразени файлове, като това може да отнеме известно време. Моля да бъдете търпеливи. Ако има проблем с Интернет връзката след приключване на работата на Combofix, моля да прочетете това: Manually restoring the Internet connection section.

Забележка: При проблеми с ComboFix копирайте с (Copy) и поставете с (Paste) съдържанието на C:\BUG.txt в следващия си коментар.

6. Когато работата на ComboFix приключи, ще се появи текстов документ (log) в Notepad:

Публикувано изображение

Копирайте с (Copy) и поставете с (Paste) съдържанието на лога в следващия си коментар.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Вече нямам проблеми с отварянето на фейсбоок-а, може би с кода който ми дадохте, когато се изключи е фикснал нещо и за сега няма проблеми.Благодаря Ви много!! :):):)

Редактирано от svetlio` (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Всичко е много добре, но аз без да видя логове не мога да гарнатирам, че сме оправили проблема...липсата на симптоми не означава, че всичко е наред. Наистина ли няма лог файл в папката C:\_OTL\MovedFiles и сканирахте ли с Combofix (ако не сте го направете)? Tова е досадна гадина и както сте се уверили след прочетa на останалите подобнки теми в раздела не се маха толкова бързо, а изисква писането на куп скриптове и сканирането с редица специализирани приложения. Ако желаете да продължим ми кажете, ако ли не отговорността и решението са си ваши! Поздрави !

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не, няма логове в папката.Нека спрем за сега, ако се появят отново пак ще дотичам тук :) и ще започнем от където сме спрели :).Благодаря Ви отново!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Решението си е ваше, но аз гарантирам, че системата все още не е чиста... Лека вечер !

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.