Премини към съдържанието
svetlio`

Не мога да отварям facebook [ПРИКЛЮЧЕНА ПО ЖЕЛАНИЕ НА ПОТРЕБИТЕЛЯ]

    Препоръчан отговор


    Не мога да отварям facebook от какъвто и да било браузър! Всички други страници ги отварям, но този сайт не мога, знаете ли как да го оправя? Може би нещо блокира сайта?Изчистих кеша но не стана...

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте,

    Възможно е да имате запис в hosts файла, който да е отговорен за това положение.

    Следвайте инструкциите от тази тема

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Чакайте сега ще дам лог Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:58:46 ч., on 22.7.2011 г. Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16800) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Users\Desi\AppData\Local\Temp\TeamViewer\Version6\TeamViewer.exe C:\hijackthis\Trend Micro\HiJackThis\post.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:57778 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Desi\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF42170-BB63-411F-802B-94F9ADE23C36}: NameServer = 10.250.238.3 10.250.238.4 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\Program Files\mcafee\VirusScan\mcods.exe (file missing) O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (file missing) O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe (file missing) O23 - Service: McAfee Firewall Core Service (mfefire) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe (file missing) O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Услугата Vodafone Mobile Broadband (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15719 bytes Айде помагайте

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Момент...кой Ви е искал лог от HijackThis ? В темата която съм посочил се изисква лог от DDS. И какво значи "Хайде помагайте" - да не сме на заплати случайно...без препиране моля. :) Очаквам лог от DDS за да видя с какво си имаме работа за да знам как да процедираме.

    • Харесва ми 5

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Това са логовете от DDS скрипта

    DDS.txt

    DDS (Ver_11-05-19.01) - NTFSx86

    Internet Explorer: 8.0.7600.16385

    Run by Desi at 20:28:42 on 2011-07-22

    .

    ============== Running Processes ===============

    .

    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

    C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

    C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe

    C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

    C:\Program Files (x86)\Winamp\winampa.exe

    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe

    C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

    C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Users\Desi\Desktop\dds.scr

    .

    ============== Pseudo HJT Report ===============

    .

    uSearch Page =

    uStart Page = about:blank

    uInternet Settings,ProxyServer = http=127.0.0.1:57778

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    mSearchAssistant =

    mWinlogon: Userinit=userinit.exe,

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

    BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

    TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

    uRun: [Google Update] "C:\Users\Desi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    uRun: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    uRun: [DriverMax]

    uRun: [DriverMax_RESTART]

    uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

    mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart

    mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe"

    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

    mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

    mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM

    mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

    mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

    mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

    mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

    mRun: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

    mRun: [<NO NAME>]

    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

    mRun: [tray_ico]

    mRun: [tray_ico2]

    mRun: [tray_ico3]

    mRun: [tray_ico4]

    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableLUA = 0 (0x0)

    mPolicies-system: EnableSecureUIAPaths = 0 (0x0)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

    mPolicies-system: EnableLinkedConnections = 1 (0x1)

    IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    TCP: {6DF42170-BB63-411F-802B-94F9ADE23C36} = 10.250.238.3 10.250.238.4

    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -

    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL

    BHO-X64: McAfee Phishing Filter - No File

    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101212084139.dll

    BHO-X64: scriptproxy - No File

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    TB-X64: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

    mRun-x64: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

    mRun-x64: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

    mRun-x64: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

    mRun-x64: [igfxTray] C:\Windows\system32\igfxtray.exe

    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe

    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    mRun-x64: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3

    mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

    mRun-x64: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

    mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

    mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    mRun-x64: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

    mRun-x64: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

    mRun-x64: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

    mRun-x64: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=

    FF - prefs.js: browser.search.selectedEngine - Ask.com

    FF - prefs.js: browser.startup.homepage - about:home

    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=2200819f00000000000000a0c6000000&tlver=1.4.19.19&instlRef=sst&affID=17160&q=

    FF - prefs.js: network.proxy.http - 127.0.0.1

    FF - prefs.js: network.proxy.http_port - 57778

    FF - prefs.js: network.proxy.type - 0

    FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll

    FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll

    FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll

    FF - component: C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll

    FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

    FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Users\Desi\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R? BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service

    R? cfwids;McAfee Inc. cfwids

    R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

    R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

    R? massfilter;MBB Mass Storage Filter Driver

    R? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service

    R? McMPFSvc;McAfee Personal Firewall Service

    R? McNaiAnn;McAfee VirusScan Announcer

    R? McOobeSv;McAfee OOBE Service

    R? McProxy;McAfee Proxy Service

    R? McShield;McShield

    R? mfefire;McAfee Firewall Core Service

    R? mferkdet;McAfee Inc. mferkdet

    R? mfevtp;McAfee Validation Trust Protection Service

    R? osppsvc;Office Software Protection Platform

    R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader

    R? TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO)

    R? WatAdminSvc;Windows Activation Technologies Service

    S? AntiVirFirewallService;Avira FireWall

    S? AntiVirMailService;Avira AntiVir MailGuard

    S? AntiVirSchedulerService;Avira AntiVir Scheduler

    S? AntiVirService;Avira AntiVir Guard

    S? AntiVirWebService;Avira AntiVir WebGuard

    S? avfwim;AvFw Packet Filter Miniport

    S? avfwot;avfwot

    S? avgntflt;avgntflt

    S? CeKbFilter;CeKbFilter

    S? cfWiMAXService;ConfigFree WiMAX Service

    S? ConfigFree Service;ConfigFree Service

    S? cvhsvc;Client Virtualization Handler

    S? HECIx64;Intel® Management Engine Interface

    S? IconMan_R;IconMan_R

    S? Impcd;Impcd

    S? MBAMProtector;MBAMProtector

    S? MBAMService;MBAMService

    S? mfeavfk;McAfee Inc. mfeavfk

    S? mfefirek;McAfee Inc. mfefirek

    S? mfehidk;McAfee Inc. mfehidk

    S? mfenlfk;McAfee NDIS Light Filter

    S? mfewfpk;McAfee Inc. mfewfpk

    S? PGEffect;Pangu effect driver

    S? RTL8167;Realtek 8167 NT Driver

    S? RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver

    S? Sftfs;Sftfs

    S? sftlist;Application Virtualization Client

    S? Sftplay;Sftplay

    S? Sftredir;Sftredir

    S? Sftvol;Sftvol

    S? sftvsa;Application Virtualization Service Agent

    S? TMachInfo;TMachInfo

    S? TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service

    S? UNS;Intel® Management & Security Application User Notification Service

    S? VmbService;“б«гЈ в  Vodafone Mobile Broadband

    S? vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum

    S? vwififlt;Virtual WiFi Filter Driver

    S? ZTEusbvoice;ZTE VoUSB Port

    S? ZTEusbwwan;ZTE MBN Miniport

    .

    =============== Created Last 30 ================

    .

    2011-07-22 16:58:24 388096 ----a-r- C:\Users\Desi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2011-07-22 16:55:25 -------- d-----w- C:\Users\Desi\AppData\Roaming\TeamViewer

    2011-07-22 16:50:54 3248416 ----a-w- C:\TeamViewer_Setup_bg.exe

    2011-07-22 16:32:23 -------- d-----w- C:\hijackthis

    2011-07-22 16:30:29 -------- d-----w- C:\Program Files (x86)\Trend Micro

    2011-07-20 10:50:39 -------- d-----w- C:\Users\Desi\AppData\Local\Opera

    2011-07-20 10:43:00 714216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

    2011-07-20 10:43:00 265176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    2011-07-20 10:43:00 19416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll

    2011-07-20 10:43:00 166872 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll

    2011-07-20 10:43:00 14232536 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll

    2011-07-20 10:43:00 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll

    2011-07-20 10:43:00 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

    2011-07-20 10:43:00 105432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll

    2011-07-20 10:14:47 -------- d-----w- C:\Users\Desi\AppData\Roaming\Avira

    2011-07-20 10:08:46 131336 ----a-w- C:\Windows\SysWow64\drivers\avfwot.sys

    2011-07-20 10:08:40 -------- d-----w- C:\ProgramData\Avira

    2011-07-20 03:29:08 -------- d-----w- C:\Users\Desi\AppData\Roaming\Malwarebytes

    2011-07-20 03:29:03 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

    2011-07-20 03:29:03 -------- d-----w- C:\ProgramData\Malwarebytes

    2011-07-20 03:29:00 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2011-07-20 03:29:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2011-07-20 03:00:10 131336 ----a-w- C:\Windows\System32\drivers\avfwot.sys

    2011-07-20 03:00:10 101984 ----a-w- C:\Windows\System32\drivers\avfwim.sys

    2011-07-20 03:00:05 -------- d-----w- C:\Program Files (x86)\Avira

    2011-07-20 02:44:55 -------- d--h--w- C:\Windows\update.tray-8-0-lnk

    2011-07-20 02:44:55 -------- d--h--w- C:\Windows\update.tray-8-0

    2011-07-20 02:39:34 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

    2011-07-20 02:03:24 -------- d-----w- C:\Users\Desi\AppData\Local\Innovative Solutions

    2011-07-20 02:03:24 -------- d-----w- C:\ProgramData\Innovative Solutions

    2011-07-20 02:03:19 -------- d-----w- C:\Program Files (x86)\Innovative Solutions

    2011-07-19 23:24:48 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0

    2011-07-18 18:38:04 -------- d-----w- C:\Windows\ufa

    2011-07-18 18:38:04 -------- d-----w- C:\Windows\phoenix

    2011-07-18 18:38:03 246272 ----a-w- C:\Windows\unrar.exe

    2011-07-17 21:36:10 -------- d--h--w- C:\Windows\update.2

    2011-07-17 21:31:13 -------- d--h--w- C:\Windows\update.5.0

    2011-07-17 17:42:12 -------- d-----w- C:\Windows\av_ico

    2011-07-17 17:39:51 -------- d--h--w- C:\Windows\update.1

    2011-07-17 17:39:32 -------- d--h--w- C:\Windows\update.tray-9-0-lnk

    2011-07-17 17:39:32 -------- d--h--w- C:\Windows\update.tray-9-0

    2011-07-13 08:35:22 3134464 ----a-w- C:\Windows\System32\win32k.sys

    2011-07-13 08:35:03 362496 ----a-w- C:\Windows\System32\wow64win.dll

    2011-07-13 08:35:02 338944 ----a-w- C:\Windows\System32\conhost.exe

    2011-07-13 08:35:02 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

    2011-07-13 08:35:02 243200 ----a-w- C:\Windows\System32\wow64.dll

    2011-07-13 08:35:02 214528 ----a-w- C:\Windows\System32\winsrv.dll

    2011-07-13 08:35:02 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

    2011-07-13 08:35:02 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

    2011-07-13 08:35:01 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2011-07-13 08:35:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

    2011-07-13 08:35:01 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

    2011-07-13 08:34:56 2048 ----a-w- C:\Windows\SysWow64\user.exe

    2011-06-29 10:12:02 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll

    2011-06-29 10:12:01 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

    2011-06-29 10:12:01 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

    2011-06-29 10:12:01 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

    2011-06-29 10:12:01 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

    .

    ==================== Find3M ====================

    .

    2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll

    2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

    2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

    2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

    2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2011-05-04 05:30:38 2326016 ----a-w- C:\Windows\System32\tquery.dll

    2011-05-04 05:28:07 779264 ----a-w- C:\Windows\System32\mssvp.dll

    2011-05-04 05:28:07 2228224 ----a-w- C:\Windows\System32\mssrch.dll

    2011-05-04 05:28:06 75264 ----a-w- C:\Windows\System32\msscntrs.dll

    2011-05-04 05:28:06 491520 ----a-w- C:\Windows\System32\mssph.dll

    2011-05-04 05:28:06 288256 ----a-w- C:\Windows\System32\mssphtb.dll

    2011-05-04 05:24:09 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe

    2011-05-04 05:24:09 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe

    2011-05-04 05:24:09 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe

    2011-05-04 04:53:10 1553920 ----a-w- C:\Windows\SysWow64\tquery.dll

    2011-05-04 04:52:59 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll

    2011-05-04 04:52:59 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll

    2011-05-04 04:52:59 337408 ----a-w- C:\Windows\SysWow64\mssph.dll

    2011-05-04 04:52:59 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll

    2011-05-04 04:52:59 1401856 ----a-w- C:\Windows\SysWow64\mssrch.dll

    2011-05-04 04:52:12 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

    2011-05-04 04:52:12 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe

    2011-05-04 04:52:12 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe

    2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

    2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

    2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

    2011-05-03 05:21:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll

    2011-05-03 04:50:29 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll

    2011-04-29 03:13:10 461312 ----a-w- C:\Windows\System32\drivers\srv.sys

    2011-04-29 03:12:54 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys

    2011-04-29 03:12:37 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

    2011-04-27 02:57:40 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys

    2011-04-25 05:32:22 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2011-04-25 02:44:02 499712 ----a-w- C:\Windows\System32\drivers\afd.sys

    .

    ============= FINISH: 20:30:05,81 ===============

    ......

    Attach.txt

    ==== Installed Programs ======================

    .

    Adobe AIR

    Adobe Flash Player 10 ActiveX

    Adobe Flash Player 10 Plugin

    Adobe Reader 9.4.5

    Advertising Center

    Ask Toolbar

    Avira Premium Security Suite

    Bejeweled 2 Deluxe

    Bing Bar

    Bing Bar Platform

    BitComet 1.26

    BS.Player FREE

    Chuzzle Deluxe

    Diner Dash 2 Restaurant Rescue

    DriverMax 5

    eBay

    FATE

    Google Chrome

    HiJackThis

    ImagXpress

    Intel® Graphics Media Accelerator Driver

    Intel® Management Engine Components

    Intel® Rapid Storage Technology

    Java Auto Updater

    Java 6 Update 20

    Jewel Quest II

    Junk Mail filter update

    Malwarebytes' Anti-Malware version 1.51.1.1800

    Microsoft Choice Guard

    Microsoft Default Manager

    Microsoft Office 2010

    Microsoft Office Click-to-Run 2010

    Microsoft Office Starter 2010 - English

    Microsoft Search Enhancement Pack

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Mozilla Firefox 5.0.1 (x86 bg)

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    Nero 9 Essentials

    Nero BackItUp

    Nero BackItUp and Burn

    Nero BurnRights

    Nero BurnRights Help

    Nero ControlCenter

    Nero DiscSpeed

    Nero DiscSpeed Help

    Nero DriveSpeed

    Nero DriveSpeed Help

    Nero Express

    Nero Express Help

    Nero InfoTool

    Nero InfoTool Help

    Nero Installer

    Nero Online Upgrade

    Nero RescueAgent

    Nero StartSmart

    Nero StartSmart Help

    NeroExpress

    neroxml

    Opera 11.11

    Penguins!

    Photo Service - powered by myphotobook

    PhotoScape

    Picasa 3

    Plants vs. Zombies

    Polar Bowler

    PrettyMay Call Recorder for Skype - Professional 3.0.5.18

    Realtek Ethernet Controller Driver For Windows 7

    Realtek High Definition Audio Driver

    Realtek USB 2.0 Card Reader

    Realtek WLAN Driver

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Skype Toolbars

    Skype™ 5.3

    SweetIM for Messenger 3.3

    TOSHIBA Assist

    TOSHIBA Bulletin Board

    TOSHIBA ConfigFree

    TOSHIBA Face Recognition

    TOSHIBA Flash Cards Support Utility

    TOSHIBA Hardware Setup

    TOSHIBA HDD/SSD Alert

    Toshiba Manuals

    TOSHIBA Media Controller

    TOSHIBA Media Controller Plug-in

    TOSHIBA Online Product Information

    TOSHIBA Recovery Media Creator Reminder

    TOSHIBA ReelTime

    TOSHIBA Service Station

    TOSHIBA Supervisor Password

    Toshiba TEMPRO

    TOSHIBA Value Added Package

    TOSHIBA Web Camera Application

    TRORMCLauncher

    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

    UseNeXT

    Utility Common Driver

    Vodafone Mobile Broadband Lite

    WildTangent Games

    WildTangent ORB Game Console

    Winamp

    Winamp Detector Plug-in

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Mail

    Windows Live Messenger

    Windows Live Movie Maker

    Windows Live Photo Gallery

    Windows Live Sync

    Windows Live Upload Tool

    Windows Live Writer

    Zuma Deluxe

    .

    ==== End Of File ===========================

    Момент...кой Ви е искал лог от HijackThis ?

    В темата която съм посочил се изисква лог от DDS.

    И какво значи "Хайде помагайте" - да не сме на заплати случайно...без препиране моля. :)

    Очаквам лог от DDS за да видя с какво си имаме работа за да знам как да процедираме.

    Ами преди беше така и затова :blink:

    Хайде помагайте трябваше да звучи като молба, извинявам се ако има нещо :beer:


    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Така е по-добре...имате същия вариант като при последните няколко потребители.

    Ще се наложи да използваме допълнителни инструменти:

    Следвайте следната инструкция за работа с OTL:

    • Изтеглете OTL.exe и го запазете на десктопа.
    • Стартирайте файла Публикувано изображение с двукратен клик на мишката.
    • Сложете отметка пред Scan All Users Публикувано изображение
    • Под менюто File Age => изберете 90 days
    • Под менюто Standard Registry => променете на ALL
    • Сложете отметки пред LOP и Purity Check

    • Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\AppData\Local\*.*
    %USERPROFILE%\AppData\Roaming\*.*
    %ProgramData%\*.*
    %CommonProgramFiles%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    userinit.exe
    explorer.exe
    volsnap.sys
    /md5stop
    
    • Натиснете маркираният в синьо бутон: Публикувано изображение.
    • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение).
    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Преди да пристъпим към действие имам въпрос. Има остатъци от McAfee в лог файла...деинсталирана ли е, за да знам дали да премахна остатъците ? Ако не е деинсталирана е добре да бъде деинсталирана, защото имата и Avira, а наличието на две антивирусни е НЕДОПУСТИМО. :rolleyes:

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ами mcafee не работеше както трябва дадох деинсталация и инсталирах авира

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Докато нашиша скрипта изтеглете този инструмент и премахнете остатъците от McAFee...

    Спокойно...ще оправим hosts файла.

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Cтартирайте пак OTL и с Copy/ Paste под колонката Custom Scans/Fixes въведете скриптовия текст от текстовото поле по-долу, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта!

    :OTL
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
    DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55657
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55657
    IE - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57778
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.100005
    FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 57778
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=STC&o=15570&locale=en_EU&apn_uid=4CDF5CD5-63D6-4EED-9044-148453F0FD33&apn_ptnrs=IP&apn_sauid=8E20B315-E183-488F-88E1-BBAB60B570FB&apn_dtid=YYYYYYYYBG&q="
    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    [2011/05/27 02:01:36 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2011/06/02 21:48:11 | 000,000,000 | ---D | M] ("@@toolbarname@@") -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\extensions\toolbar@ask.com
    [2011/05/31 22:23:41 | 000,002,395 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\askcom.xml
    [2010/11/23 14:02:32 | 000,000,921 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\conduit.xml
    [2011/05/27 02:01:33 | 000,003,915 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\Mozilla\Firefox\Profiles\ad5xg23a.default\searchplugins\sweetim.xml
    O2:[b]64bit:[/b] - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  File not found
    O2:[b]64bit:[/b] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -  File not found
    O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  File not found
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -  File not found
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  File not found
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  File not found
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  File not found
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
    O4 - HKLM..\Run: [mcui_exe]  File not found
    O4 - HKLM..\Run: [tray_ico]  File not found
    O4 - HKLM..\Run: [tray_ico2]  File not found
    O4 - HKLM..\Run: [tray_ico3]  File not found
    O4 - HKLM..\Run: [tray_ico4]  File not found
    O4 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000..\Run: [DriverMax]  File not found
    O4 - HKU\S-1-5-21-2563417192-3813248855-1680157474-1000..\Run: [DriverMax_RESTART]  File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    [2011/07/20 05:44:55 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
    [2011/07/20 05:44:55 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
    [2011/07/18 21:38:04 | 000,000,000 | ---D | C] -- C:\Windows\ufa
    [2011/07/18 21:38:04 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
    [2011/07/18 00:36:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
    [2011/07/18 00:31:13 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
    [2011/07/17 20:42:12 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
    [2011/07/17 20:39:51 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
    [2011/07/17 20:39:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
    [2011/07/17 20:39:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
    [2011/07/18 21:39:31 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
    [2011/07/18 21:39:31 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
    [2011/07/18 21:38:03 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
    [2011/07/18 21:38:03 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
    [2011/07/18 21:38:03 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
    [2011/07/17 21:00:57 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
    [2011/07/19 22:22:34 | 000,000,180 | ---- | M] () -- C:\Windows\info1
    [2011/07/17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
    [2011/05/27 02:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
    [2011/05/27 02:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
    [2011/07/20 05:22:03 | 000,005,396 | ---- | M] () -- C:\Users\Desi\AppData\Roaming\2C3C.AED
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallOverride"=dword:00000000
    "DisableThumbnailCache"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall"=dword:00000001
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=dword:00000001
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall"=dword:00000001
    :commands
    [resethosts]
    [emptytemp]
    
    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Публикувано изображение

    Ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    PS: Ако не се появи лог файл, отворете папката C:\_OTL\MovedFiles отворете лог файла и публикувайте съдържанието му в следващия си пост.

    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Лаптоп-а се изключи, това нормално ли е? Ами папките в са C:\_OTL\MovedFiles\07222011_220139 и вътре няма лог файл а лаптоп-а преди това се изключи

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ами незнам доколко е нормално...скрипта е правилен. Освен да опитате със скрипта отново...да не би лаптопа да е прегрял нещо ? Преди да повторите скрипта спрете Avira и Malwarebytes' Anti-Malware за да пречат на изпълнението на скрипта. Отивам да пия една бира и ще пиша след 1 час.

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Добре пак ще пробрам, надявам се да не се изключи.Ще чакам да пишете.

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Какво стана ? :biggrin: Ако пак има проблеми ще се наложи да използваме по хард методики.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Изпълни ли се скрипта и ако да, очаквам лог файл...не ме дръжте в неведение. :) Да не би да не виждате, че има втора страница отдолу и затова да не пишете ?

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Изключил се е отново http://www.kaldata.com/forums/public/style_emoticons/<#EMO_DIR#>/sad.gif

    Да не бях видял че има втора страница, чак сега забелязах :P

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ок, за радост Combofix вече е съвместим с x64 Операционни Системи.

    Направете следното:

    1. Изтеглете ComboFix от BleepingComputer

    и го запазете (бутон Save -> Save as) ComboFix на вашия десктоп:

    Публикувано изображение

    След приключване на изтеглянето на ComboFix, иконката на програмата би трябвало да изглежда така:

    Публикувано изображение

    2. Затворете всички работещи приложения, отворени прозорци и програми работещи във фонов режим. Спрете временно защитата в реално време на антивирусната програма и на другите програми за сигурност, ако има такива. За целта може да прегледате информацията от този линк: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.

    3. Стартирайте с двоен клик Combofix.exe. Изберете YES, за да се съгласите с условията за използване на програмата. Важно: По време на работата на ComboFix не бива да се движи мишката и да се натискат клавиши от клавиатурата. Просто търпеливо оставете ComboFix да си свърши работата, без да използвате компютъра за други цели.

    4. ComboFix ще провери дали Windows Recovery Console e инсталиранa.

    *Ако Windows Recovery Console е инсталирана, ComboFix ще продължи работата си.

    *Ако Windows Recovery Console не е инсталирана, ще е необходимо да използвате YES за инсталация на Windows Recovery Console Публикувано изображение

    Забележка: Необходимо е да сте свързани към Интернет за да може Windows Recovery Console да се изтегли.

    След инсталация на Windows Recovery Console потвърдете с YES, за да продължите напред. Снимка:

    Публикувано изображение

    5. ComboFix ще спре временно Интернет връзката, но след като приключи работата на програмата тази връзка ще бъде възстановена автоматично. ComboFix ще сканира за проблеми и за заразени файлове, като това може да отнеме известно време. Моля да бъдете търпеливи. Ако има проблем с Интернет връзката след приключване на работата на Combofix, моля да прочетете това: Manually restoring the Internet connection section.

    Забележка: При проблеми с ComboFix копирайте с (Copy) и поставете с (Paste) съдържанието на C:\BUG.txt в следващия си коментар.

    6. Когато работата на ComboFix приключи, ще се появи текстов документ (log) в Notepad:

    Публикувано изображение

    Копирайте с (Copy) и поставете с (Paste) съдържанието на лога в следващия си коментар.

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Вече нямам проблеми с отварянето на фейсбоок-а, може би с кода който ми дадохте, когато се изключи е фикснал нещо и за сега няма проблеми.Благодаря Ви много!! :):):)

    Редактирано от svetlio` (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Всичко е много добре, но аз без да видя логове не мога да гарнатирам, че сме оправили проблема...липсата на симптоми не означава, че всичко е наред. Наистина ли няма лог файл в папката C:\_OTL\MovedFiles и сканирахте ли с Combofix (ако не сте го направете)? Tова е досадна гадина и както сте се уверили след прочетa на останалите подобнки теми в раздела не се маха толкова бързо, а изисква писането на куп скриптове и сканирането с редица специализирани приложения. Ако желаете да продължим ми кажете, ако ли не отговорността и решението са си ваши! Поздрави !

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Не, няма логове в папката.Нека спрем за сега, ако се появят отново пак ще дотичам тук :) и ще започнем от където сме спрели :).Благодаря Ви отново!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Решението си е ваше, но аз гарантирам, че системата все още не е чиста... Лека вечер !

    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.