Jump to content

Проблем с отваряне на Facebook

nono
 Share

Препоръчан пост

s.feradov Новобранец

s.feradov

Публикувано
Публикувано

Изтеглете OTL и запазете файла на Вашия десктоп.

  • Стартирайте OTL с двоен клик върху иконата на програмата. Уверете се, че процесът на сканиране няма да бъде прекъснат.
  • В главния прозорец на програмата сложете отметка пред Scan All Users.
  • В полето Output изберете Minimal Output.
  • В полето Standart Registry изберете All.
  • Сложете отметки пред LOP Check и Purity Check.
  • От падащото меню File Age изберете 90 days.
  • Уверете се, че има отметкa пред Skip Microsoft Files.

В полето "Custom Scans/Fixes" поставете следния текст.

 

netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%*.*
%USERPROFILE%*.*
%USERPROFILE%AppDataLocal*.*
%USERPROFILE%AppDataRoaming*.*
%ProgramData%*.*
%CommonProgramFiles%*.*
%PROGRAMFILES%*.*
%systemroot%system32*.dll /lockedfiles
%systemroot%Tasks*.job /lockedfiles
%systemroot%system32drivers*.sys /90
%systemroot%system32drivers*.sys /lockedfiles
%systemroot%system32Spoolprtprocsw32x86*.dll
%systemroot%\*. /mp /s
/md5start
hlp.dat
winlogon.exe
wininit.exe
userinit.exe
explorer.exe
volsnap.sys
/md5stop

 

Копирайте кода точно както е даден. . Уверете се, че всяка от командите е на нов ред, както е в полето.

 

Натиснете бутона Run Scan. Ще започне сканиране, което няма да продължи дълго.Когато сканирането приключи автоматично ще се отворят два Notepad лог файла - OTL.txt и Extras.txt.

 

Моля прикачете тези два файла към следващия си коментар.

Link to comment
Сподели другаде
  • Отговори 180
  • Създадена
  • Последен отговор

ТОП потребители в тази тема

Популярни дни

ТОП потребители в тази тема

Популярни дни

Публикувани изображения

s.feradov Новобранец

s.feradov

Публикувано
Публикувано

Стартирайте отново OTL.exe. В полето "Custom Scans/Fixes" поставете следния текст:

 

:OTL
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:[b]64bit:[/b] - HKU\S-1-5-21-2535554402-3959574016-232375437-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-2535554402-3959574016-232375437-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\S-1-5-21-2535554402-3959574016-232375437-1000..\Run: [ASRockIES]  File not found
O4 - HKU\S-1-5-21-2535554402-3959574016-232375437-1000..\Run: [ASRockOCTuner]  File not found
O4 - HKU\S-1-5-21-2535554402-3959574016-232375437-1000..\Run: [zASRockInstantBoot]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
:Commands
[emptytemp]
[resethosts]
[reboot]

 

 

Копирайте кода точно както е даден. Уверете се, че не изтървате някое от двуеточията в началото. Уверете се също така, че всяка от командите е на нов ред, както е в полето.

 

След въвеждане на кода в полето "Custom Scans/Fixes", натиснете бутона Run Fix. Потвърдете с OK съобщението за рестартиране на системата.

 

След рестартирането на системата ще се появи текстов дневник/лог файл, намиращ се в C:\_OTL\Moved Files. Моля, прикачете съответния дневник/лог файл към следващия Ви коментар.

 

Като цял логът беше чист. Въпреки това забелязах няколко неща, които може би причиняват проблема. Виждам, че имате инсталиран софтуер, свързан със Skype и Facebook. Съветвам Ви да деинсталирате Facebook Video Calling 1.0.0.8953 и Skype Click to Call.

Link to comment
Сподели другаде
paro Новобранец

paro

Публикувано
Публикувано

Здравейте, така или иначе сме на тема Facebook, искам да споделя с вас един проблем, който съществува от известно време. Същността на проблема е следният: Влизам нормално в профила си във Фейсбук, обаче като кликна на една от иконите до надписа Facebook иконата побелява и никаква реакция (както се вижда от картинката). Също няма и никаква реакция когато кликна върху линк "Харесва ми" или "Сръчкай". Върху други линкове кликването работи нормално. Това се случва само с Opera. С други браузъри няма проблеми.

Opera - версия 11.52 с български интерфейс. ОС - Windows XP Pro Servise pack 3.

Не че е нещо кой знае какво, но ми е интересно защо става така.

Сканирах с MBAM, няма нищо.

Благодаря на всички предварително!

post-1722-0-70688500-1323104704_thumb.jpg

Link to comment
Сподели другаде
pavlinapas Новобранец

pavlinapas

Публикувано
Публикувано

Здравейте,

 

Извиняваме се за забавянето, но сме пропуснали поста ви.

Лог файла изглежда сравнително добре, с леки остатъци от бацила.

Изпълнете следващите стъпки за да ги почистите:

 

 

 

СТЪПКА 1

 

 

 

Cтартирайте пак OTL и с Copy/ Paste под колонката Custom Scans/Fixes въведете скриптовия текст от текстовото поле по-долу, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта!

:OTL
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No CLSID value found.
O2 - BHO: (no name) - {E1408919-4A2E-4163-83F9-AA72595ABCFC} - No CLSID value found.
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico0]  File not found
O4 - HKLM..\Run: [tray_ico1]  File not found
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O4 - HKU\S-1-5-21-1614895754-1958367476-839522115-1003..\Run: []  File not found
[2011.08.23 12:44:13 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.08.23 12:43:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2007.12.15 16:10:59 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007.12.15 16:10:57 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007.12.15 16:10:56 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007.12.15 16:10:54 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007.12.15 16:10:52 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 12 bytes -> C:\Documents and Settings\Pavlina\My Documents:{726B6F7C-E889-4EFE-8CA3-AEF4943DBD38}
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:23FA878E
:files
C:\Documents and Settings\Pavlina\My Documents\Downloads\Flash-Player.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\update.2\svchost.exe
netsh winsock reset catalog /c
ipconfig /flushdns /c
:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Pavlina\My Documents\Downloads\Flash-Player.exe"=-
"C:\WINDOWS\update.1\svchost.exe"=-
"C:\WINDOWS\update.2\svchost.exe"=-
:commands
[resethosts]
[emptyflash]
[emptytemp]

След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: http://store.picbg.net/pubpic/31/0E/045f5994a44b310e.png

Ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

 

PS: Ако не се появи лог файл, отворете папката C:\_OTL\MovedFiles отворете лог файла и публикувайте съдържанието му в следващия си пост.

 

 

 

СТЪПКА 2

  • Изтеглете Malwarebytes' Anti-Malware оттук и я инсталирайте.
  • Стартирайте Malwarebytes' Anti-Malware и отидете на UPDATE и натиснете Check for updates.
  • След това се върнете на Scanner изберете Perform QUICK Scan, след това кликнете на Scan.
  • Сканирането ще отнеме малко време, затова моля бъдете търпеливи.
  • Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.
  • Уверете се, че на всички редове има отметки, и кликнете Remove Selected.
  • Когато всичко бъде премахнато, логът ще бъде отворен в Notepad. Копирайте лога и го публикувайте в следващия си коментар в темата.

Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

 

Здравейте, благодаря за отзивчивостта Ви. ето файловете, и благодаря

12052011_221635---.txt

mbam-log-2011-12-05 (22-35-43).txt

Link to comment
Сподели другаде
  • 2 weeks later...
jordan23 Новобранец

jordan23

Публикувано
Публикувано

Здравейте !

 

Имам проблем с facebook просто не зарежда стои ми на бял екран и това е ако може да ми помогнете ще съм ви благодарен !Прочетох темата и сканирах с OLT и прикачих файловете.Моля помогнете :'( :'(

OTL.Txt

Extras.Txt

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Здравейте, благодаря за отзивчивостта Ви. ето файловете, и благодаря

 

Пак не съм видял темата...Лог файловете изглеждат добре вече.

Деинсталирайте OTL

 

Стартирайте OTL още веднъж и натиснете бутона CleanUp.

 

http://i47.tinypic.com/35hfp21.jpg

Ако бъдете подканени да рестартирате, се съгласете.

 

Здравейте !

 

Имам проблем с facebook просто не зарежда стои ми на бял екран и това е ако може да ми помогнете ще съм ви благодарен !Прочетох темата и сканирах с OLT и прикачих файловете.Моля помогнете :'( :'(

 

С кой браузър се появява проблема ? Пробвахте ли с различни ? Почистихте ли и кеша (временните файлове) например с Disk Cleanup или CCleaner ?

В лог файловете не се виждат притеснителни неща породени от зловреден софтуер при бърз преглед:

  • Изтеглете DDS: от BleepingComputer.
  • След изтегляне на файла го запишете (бутон Save => Save as) DDS на вашия десктоп, снимка:
    http://i46.tinypic.com/2exprgh.jpg
  • След като изтеглите DDS на десктопа, иконката на програмата би трябвало да изглежда така: http://i49.tinypic.com/rvwlll.jpg
  • Прекратете временно работата на всички скрипт блокиращи приложения, ако има такива или разрешете изпълнението на dds.scr. След това стартирайте DDS с двоен клик на иконката, като потвърдите с Run.
  • След приключване на работата на DDS копирайте с Copy текста от двата файлови лога, които ще се появят в Notepad: DDS.txt и Attach.txt и ги запазете (бутон Save => Save as) на десктопа.

 

Копирайте и поставете съдържанието на DDS.txt и Attach.txt във вашата тема. Моля, не ги прикачвайте!

Link to comment
Сподели другаде
jordan23 Новобранец

jordan23

Публикувано
Публикувано

Здравейте!

 

Използвам CCleaner и забравих да спомена че не всеки път не може да зареди днеска например не ми е правило проблем вчера изобщо не можех да влезна иначе ето и съдържанието от dds.txt i Attach.txt.

 

DDS.txt

 

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_29

Run by Nasko at 19:21:54 on 2011-12-17

Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.1023.436 [GMT 2:00]

.

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\HPSIsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

svchost.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://home.sweetim.com

mStart Page = hxxp://home.sweetim.com

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No File

TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [speedUpMyPC] "c:\program files\uniblue\speedupmypc\launcher.exe" -d 20000

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"

uRun: [Google Update] "c:\documents and settings\nasko\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [NVMixerTray] "c:\program files\nvidia corporation\nvmixer\NVMixerTray.exe"

mRun: [HPUsageTrackingLEDM] "c:\program files\hp\hp ut ledm\bin\hppusg.exe" "c:\program files\hp\hp ut ledm\"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRunOnce: [RunNarrator] Narrator.exe

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - d:\pokerstars.net\PokerStarsUpdate.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 217.9.237.182 87.246.24.21

TCP: Interfaces\{D53C546B-6D77-4446-A9ED-493E8D118EA8} : DhcpNameServer = 217.9.237.182 87.246.24.21

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

LSA: Authentication Packages = msv1_0 nwprovau

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nasko\application data\mozilla\firefox\profiles\j5xp97ls.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.bg/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p=

FF - plugin: c:\documents and settings\nasko\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

FF - user.js: browser.sessionstore.resume_from_crash - false

FF - user.js: extensions.BabylonToolbar_i.id - 8c841f520000000000000011675a9c5e

FF - user.js: extensions.BabylonToolbar_i.hardId - 8c841f520000000000000011675a9c5e

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15319

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:14:45

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101292

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-20 435032]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-20 314456]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-20 20568]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-6-20 44768]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2009-6-24 136704]

R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-7-13 99896]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-16 366152]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-6-20 2253120]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-16 22216]

R3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [2011-7-13 17408]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Услуга на Google Актуализация (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-24 136176]

S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?]

S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-24 136176]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 RAMDiskXP;RAMDiskXP;c:\windows\system32\drivers\ramdiskxp.sys --> c:\windows\system32\drivers\RAMDiskXP.sys [?]

S3 Start BT in service;Start BT in service;d:\ivt corporation\bluesoleil\StartSkysolSvc.exe [2007-4-21 52080]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-16 18:58:15 -------- d-----w- C:\Fraps

2011-12-16 17:25:40 -------- d-----w- c:\documents and settings\nasko\application data\Malwarebytes

2011-12-16 17:25:24 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-12-16 17:25:21 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-16 17:25:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-16 17:21:51 111872 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2011-12-11 13:02:43 -------- d-----w- c:\documents and settings\nasko\riotsGamesLogs

2011-12-11 13:00:15 -------- d-----w- c:\documents and settings\nasko\application data\LolClient

2011-12-11 12:41:00 -------- d-----w- C:\Riot Games

2011-12-11 12:18:21 -------- d-----w- c:\documents and settings\nasko\local settings\application data\PMB Files

2011-12-11 12:18:15 -------- d-----w- c:\documents and settings\all users\application data\PMB Files

2011-12-11 12:18:02 -------- d-----w- c:\program files\Pando Networks

2011-12-11 12:16:53 -------- d-----w- c:\documents and settings\nasko\application data\BabylonToolbar

2011-12-11 12:14:49 -------- d-----w- c:\program files\BabylonToolbar

2011-12-11 12:14:36 -------- d-----w- c:\documents and settings\nasko\local settings\application data\Babylon

2011-12-11 12:14:36 -------- d-----w- c:\documents and settings\nasko\application data\Babylon

2011-12-11 12:14:36 -------- d-----w- c:\documents and settings\all users\application data\Babylon

2011-12-10 16:50:51 -------- d-----w- c:\documents and settings\nasko\application data\NVIDIA

2011-12-10 15:58:58 -------- d-----w- c:\windows\system32\ReinstallBackups

2011-12-10 15:58:30 919872 ----a-w- c:\windows\system32\nvdispco32.dll

2011-12-10 15:58:30 877376 ----a-w- c:\windows\system32\nvgenco32.dll

2011-12-10 15:58:29 5595136 ----a-w- c:\windows\system32\nvcuda.dll

2011-12-10 15:54:38 -------- d-----w- c:\program files\SystemRequirementsLab

2011-12-07 17:05:30 -------- d-----w- c:\documents and settings\nasko\application data\GarenaPlus

2011-12-07 17:05:05 -------- d-----w- c:\program files\Garena Plus

2011-12-07 17:05:00 -------- d-----w- c:\documents and settings\all users\application data\GarenaMessenger

2011-12-06 17:27:12 -------- d-----w- c:\program files\common files\DivX Shared

2011-12-06 17:26:54 -------- d-----w- c:\program files\DivX

2011-12-06 17:25:58 -------- d-----w- c:\documents and settings\all users\application data\DivX

2011-12-06 15:51:56 -------- d-----w- c:\program files\RAMDisk

2011-12-01 18:48:10 98304 ----a-w- c:\windows\system32\CmdLineExt.dll

2011-11-25 12:58:26 1500160 ----a-w- c:\windows\system32\cc3260mt.dll

2011-11-25 12:58:25 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-11-24 18:02:22 -------- d-----w- c:\documents and settings\nasko\local settings\application data\Mirillis

2011-11-24 18:02:22 -------- d-----w- c:\documents and settings\nasko\application data\Mirillis

2011-11-24 18:02:22 -------- d-----w- c:\documents and settings\all users\application data\Mirillis

2011-11-24 17:52:17 -------- d-----w- c:\program files\Mirillis

2011-11-22 22:59:44 178432 ----a-w- c:\program files\mozilla firefox\firefoxportable\FirefoxPortable.exe

2011-11-21 11:28:20 265785 ----a-w- c:\windows\system32\pixomatic.dll

2011-11-21 11:28:20 161280 ----a-w- c:\windows\system32\fmod.dll

2011-11-21 11:28:19 565760 ----a-w- c:\windows\system32\temp.001

2011-11-21 11:28:19 54784 ----a-w- c:\windows\system32\msvci70.dll

2011-11-21 11:28:19 499712 ----a-w- c:\windows\system32\temp.000

2011-11-21 11:28:19 487424 ----a-w- c:\windows\system32\Msvcp70.dll

2011-11-21 11:28:19 22016 ----a-w- c:\windows\system32\borlndmm.dll

2011-11-21 11:28:19 188416 ----a-w- c:\windows\system32\eax.dll

2011-11-21 11:28:18 442368 ----a-w- c:\windows\system32\vp6vfw.dll

2011-11-21 01:04:06 2106216 ----a-w- c:\program files\mozilla firefox\firefoxportable\app\firefox\D3DCompiler_43.dll

2011-11-21 01:04:06 1998168 ----a-w- c:\program files\mozilla firefox\firefoxportable\app\firefox\d3dx9_43.dll

2011-11-19 19:01:15 -------- d-----w- c:\program files\IObit

2011-11-19 19:01:15 -------- d-----w- c:\documents and settings\all users\application data\IObit

.

==================== Find3M ====================

.

2011-12-16 17:46:46 285288 ----a-w- c:\windows\system32\nvdrsdb1.bin

2011-12-16 17:46:46 285288 ----a-w- c:\windows\system32\nvdrsdb0.bin

2011-12-16 17:46:46 1 ----a-w- c:\windows\system32\nvdrssel.bin

2011-11-30 14:29:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr

2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-11-16 15:51:02 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-11-16 15:51:01 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-22 11:05:08 65536 ----a-w- c:\windows\system32\frapsvid.dll

2011-10-20 23:26:22 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-10-08 11:19:43 6144 ----a-w- c:\windows\system32\BReWErS.dll

.

============= FINISH: 19:22:35,76 ===============

 

 

Attach.txt

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 6/19/2011 7:40:00 PM

System Uptime: 12/17/2011 8:50:43 AM (11 hours ago)

.

Motherboard: | | NF-CK804

Processor: AMD Sempron Processor 2800+ | Socket 940 | 1607/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 20 GiB total, 4.053 GiB free.

D: is FIXED (NTFS) - 57 GiB total, 5.957 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is CDROM ()

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP74: 12/8/2011 7:39:03 PM - System Checkpoint

RP75: 12/10/2011 11:06:23 AM - System Checkpoint

RP76: 12/11/2011 12:41:11 PM - System Checkpoint

RP77: 12/11/2011 12:44:35 PM - Removed GTA San Andreas

RP78: 12/11/2011 12:45:38 PM - Removed RAMDisk

RP79: 12/11/2011 12:46:39 PM - Removed SweetIM Toolbar for Internet Explorer 4.2

RP80: 12/11/2011 12:47:15 PM - Removed YouTube Downloader Toolbar v4.7.

RP81: 12/11/2011 12:48:19 PM - Removed Angry Birds Seasons

RP82: 12/11/2011 12:48:52 PM - Removed Counter-Strike 1.6

RP83: 12/11/2011 12:53:16 PM - Removed Nero Toolbar.

RP84: 12/11/2011 1:52:15 PM - Installed League of Legends

RP85: 12/11/2011 2:19:00 PM - Removed League of Legends

RP86: 12/11/2011 2:40:51 PM - Installed League of Legends

RP87: 12/12/2011 7:26:42 PM - Installed Microsoft Visual C++ 2005 Redistributable

RP88: 12/12/2011 7:29:54 PM - Removed Microsoft Visual C++ 2005 Redistributable

RP89: 12/13/2011 9:22:16 PM - System Checkpoint

RP90: 12/14/2011 4:20:48 PM - Installed Microsoft Visual C++ 2005 Redistributable

.

==== Installed Programs ======================

.

µTorrent

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.4.6

ALCATEL PC Suite V6.3.28

AMX Mod X Installer 1.76d

Angry Birds Seasons

avast! Free Antivirus

Babylon toolbar on IE

BitPim 1.0.7.20080908

Bluesoleil3.2.2.8 Release 070421

BS.Player FREE

BulgarianPhonetic XP by G. Atanasov

CCleaner

DAEMON Tools Lite

DivX Setup

Download Updater (AOL LLC)

EVEREST Ultimate Edition v5.30

Fraps (remove only)

Free Audio Converter version 2.2.19.602

Garena 2010

Garena Plus

Google Chrome

Google Earth Plug-in

Google Update Helper

HP LaserJet Professional P1100-P1560-P1600 Series

hppLaserJetService

hppP1100P1560P1600SeriesLaserJetService

hppusgP1100P1560P1600Series

HPSSupply

Java Auto Updater

Java 6 Update 29

League of Legends

Malwarebytes' Anti-Malware version 1.51.2.1300

MarketResearch

Microsoft .NET Framework 2.0

Microsoft .NET Framework 3.0

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Office 2003 Bulgarian User Interface Pack

Microsoft Office 2003 Proofing Tools

Microsoft Office Professional Edition 2003

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Mozilla Firefox 8.0 (x86 bg)

MSN

MSXML 6.0 Parser (KB925673)

Nero 7 Premium

neroxml

NVIDIA Control Panel 285.58

NVIDIA Drivers

NVIDIA Graphics Driver 285.58

NVIDIA Install Application

NVIDIA nView 135.95

NVIDIA nView Desktop Manager

NVIDIA PhysX

NVIDIA PhysX System Software 9.11.0621

NVIDIA Update 1.5.20

NVIDIA Update Components

NvMixer

Pando Media Booster

Picasa 3

Skype Click to Call

Skype™ 5.5

Spelling Dictionaries Support For Adobe Reader 9

Splash PRO EX

System Requirements Lab

VC80CRTRedist - 8.0.50727.6195

Warcraft III: All Products

WebFldrs XP

Winamp

Winamp Detector Plug-in

Windows Communication Foundation

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Media Format Runtime

Windows Presentation Foundation

Windows Workflow Foundation

WinRAR 4.01 (32-битова версия)

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

12/16/2011 8:09:39 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

12/16/2011 7:54:40 PM, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.

12/14/2011 4:19:31 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 003018A30C93 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

12/12/2011 3:59:10 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HP LaserJet Service service to connect.

12/12/2011 3:59:10 PM, error: Service Control Manager [7000] - The HP LaserJet Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

12/11/2011 12:52:08 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.ATL. Reference error message: The referenced assembly is not installed on your system. .

12/11/2011 12:52:08 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\DivX\DivX Transcode Engine\mtw178.ddc. Reference error message: The operation completed successfully. .

12/11/2011 12:52:08 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\DivX\DivX Transcode Engine\gzHF330.ddc. Reference error message: The operation completed successfully. .

12/11/2011 12:52:08 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.ATL could not be found and Last Error was The referenced assembly is not installed on your system.

.

==== End Of File ===========================

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Лично аз не намирам проблеми свързани със зловреден код.

 

 

Изтеглете MiniToolBox.exe и го запазете на десктопа.

 

  • Сложете отметка пред всички обекти и натиснете Go.
  • Копирайте съдържанието на файла Result.txt в следващия си пост.

 

 

 

Моля изтеглете Farbar Service Scanner и я стартирайте.

  • Натиснете бутона "Scan".
  • Ще се създаде лог файл с името (FSS.txt) в папката откъдето стартирате инструмента.
  • Копирайте съдържанието на лог файла в следващия си пост.

 

Поздрави !

Link to comment
Сподели другаде
jordan23 Новобранец

jordan23

Публикувано
Публикувано

Здравейте !

 

Ето съдържанието от файла Result.txt

 

 

MiniToolBox by Farbar

Ran by Nasko (administrator) on 18-12-2011 at 12:19:24

Microsoft Windows XP Professional Service Pack 3 (X86)

 

***************************************************************************

 

========================= Flush DNS: ===================================

 

 

Windows IP Configuration

 

 

 

Successfully flushed the DNS Resolver Cache.

 

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

127.0.0.1 localhost

127.0.0.1 localhost

 

========================= IP Configuration: ================================

 

NVIDIA nForce Networking Controller = Local Area Connection (Connected)

Bluetooth PAN Network Adapter = Local Area Connection 2 (Media disconnected)

 

 

# ----------------------------------

# Interface IP Configuration

# ----------------------------------

pushd interface ip

 

 

# Interface IP Configuration for "Local Area Connection"

 

set address name="Local Area Connection" source=dhcp

set dns name="Local Area Connection" source=dhcp register=PRIMARY

set wins name="Local Area Connection" source=dhcp

 

# Interface IP Configuration for "Local Area Connection 2"

 

set address name="Local Area Connection 2" source=dhcp

set dns name="Local Area Connection 2" source=dhcp register=PRIMARY

set wins name="Local Area Connection 2" source=dhcp

 

 

popd

# End of interface IP configuration

 

 

 

 

Windows IP Configuration

 

 

 

Host Name . . . . . . . . . . . . : home-438e8c2031

 

Primary Dns Suffix . . . . . . . :

 

Node Type . . . . . . . . . . . . : Unknown

 

IP Routing Enabled. . . . . . . . : No

 

WINS Proxy Enabled. . . . . . . . : Yes

 

DNS Suffix Search List. . . . . . : ddns-lan.pz.ekk.bg

 

 

 

Ethernet adapter Local Area Connection:

 

 

 

Connection-specific DNS Suffix . : ddns-lan.pz.ekk.bg

 

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

 

Physical Address. . . . . . . . . : 00-30-18-A3-0C-93

 

Dhcp Enabled. . . . . . . . . . . : Yes

 

Autoconfiguration Enabled . . . . : Yes

 

IP Address. . . . . . . . . . . . : 87.97.165.77

 

Subnet Mask . . . . . . . . . . . : 255.255.255.192

 

Default Gateway . . . . . . . . . : 87.97.165.65

 

DHCP Server . . . . . . . . . . . : 87.97.165.65

 

DNS Servers . . . . . . . . . . . : 217.9.237.182

 

87.246.24.21

 

NetBIOS over Tcpip. . . . . . . . : Disabled

 

Lease Obtained. . . . . . . . . . : 18 Декември 2011 г. 11:12:56

 

Lease Expires . . . . . . . . . . : 18 Декември 2011 г. 14:28:26

 

 

 

Ethernet adapter Local Area Connection 2:

 

 

 

Media State . . . . . . . . . . . : Media disconnected

 

Description . . . . . . . . . . . : Bluetooth PAN Network Adapter

 

Physical Address. . . . . . . . . : 00-11-67-5A-9C-5E

 

Server: unknown.interbgc.com

Address: 217.9.237.182

 

Name: google.com.pz.ekk.bg

Address: 217.18.240.147

 

 

 

Pinging google.com [173.194.69.104] with 32 bytes of data:

 

 

 

Reply from 173.194.69.104: bytes=32 time=49ms TTL=49

 

Reply from 173.194.69.104: bytes=32 time=47ms TTL=49

 

 

 

Ping statistics for 173.194.69.104:

 

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 47ms, Maximum = 49ms, Average = 48ms

 

Server: unknown.interbgc.com

Address: 217.9.237.182

 

Name: yahoo.com.pz.ekk.bg

Address: 217.18.240.147

 

 

 

Pinging yahoo.com [72.30.2.43] with 32 bytes of data:

 

 

 

Reply from 72.30.2.43: bytes=32 time=202ms TTL=54

 

Reply from 72.30.2.43: bytes=32 time=208ms TTL=54

 

 

 

Ping statistics for 72.30.2.43:

 

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 202ms, Maximum = 208ms, Average = 205ms

 

Server: unknown.interbgc.com

Address: 217.9.237.182

 

Name: bleepingcomputer.com.pz.ekk.bg

Address: 217.18.240.147

 

 

 

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

 

 

 

Reply from 208.43.87.2: Destination host unreachable.

 

Reply from 208.43.87.2: Destination host unreachable.

 

 

 

Ping statistics for 208.43.87.2:

 

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 0ms, Maximum = 0ms, Average = 0ms

 

 

 

Pinging 127.0.0.1 with 32 bytes of data:

 

 

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

 

 

Ping statistics for 127.0.0.1:

 

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

 

Approximate round trip times in milli-seconds:

 

Minimum = 0ms, Maximum = 0ms, Average = 0ms

 

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 30 18 a3 0c 93 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport

0x3 ...00 11 67 5a 9c 5e ...... Bluetooth PAN Network Adapter - Packet Scheduler Miniport

===========================================================================

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 87.97.165.65 87.97.165.77 20

87.97.165.64 255.255.255.192 87.97.165.77 87.97.165.77 20

87.97.165.77 255.255.255.255 127.0.0.1 127.0.0.1 20

87.255.255.255 255.255.255.255 87.97.165.77 87.97.165.77 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

224.0.0.0 240.0.0.0 87.97.165.77 87.97.165.77 20

255.255.255.255 255.255.255.255 87.97.165.77 87.97.165.77 1

255.255.255.255 255.255.255.255 87.97.165.77 3 1

Default Gateway: 87.97.165.65

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)

Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (12/17/2011 04:08:44 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/17/2011 00:09:37 AM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/16/2011 11:24:42 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045b372.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/16/2011 10:27:02 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/15/2011 07:44:35 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/13/2011 09:05:16 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/13/2011 08:41:10 PM) (Source: Application Error) (User: )

Description: Faulting application l2.exe, version 0.0.0.0, faulting module nwindow.dll, version 0.0.0.0, fault address 0x0045ac82.

Processing media-specific event for [l2.exe!ws!]

 

Error: (12/11/2011 00:48:19 PM) (Source: MsiInstaller) (User: Nasko)Nasko

Description: Product: Angry Birds Seasons -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: D:\Angry Birds Cracked Final Complete Pack-SenseMan\Angry.Birds.Seasons.v1.5.1.Cracked.GAME-ErES\updater.exe, command: /clean silent

 

Error: (12/08/2011 09:11:04 PM) (Source: Application Error) (User: )

Description: Faulting application war3.exe, version 1.26.0.6401, faulting module unknown, version 0.0.0.0, fault address 0x6d9ab2a0.

Processing media-specific event for [war3.exe!ws!]

 

Error: (12/08/2011 04:47:06 PM) (Source: Application Error) (User: )

Description: Faulting application divx plus player.exe, version 10.3.0.39, faulting module unknown, version 0.0.0.0, fault address 0x066e1ae6.

Processing media-specific event for [divx plus player.exe!ws!]

 

 

System errors:

=============

Error: (12/16/2011 08:09:39 PM) (Source: 0) (User: )

Description: 0xC0000001HarddiskVolume1

 

Error: (12/16/2011 08:08:02 PM) (Source: Service Control Manager) (User: )

Description: The MBAMSwissArmy service failed to start due to the following error:

%%2

 

Error: (12/16/2011 07:54:40 PM) (Source: Service Control Manager) (User: )

Description: The MBAMSwissArmy service failed to start due to the following error:

%%2

 

Error: (12/14/2011 04:19:31 PM) (Source: Dhcp) (User: )

Description: The IP address lease 192.168.1.100 for the Network Card with network address 003018A30C93 has been

denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

 

Error: (12/12/2011 03:59:10 PM) (Source: Service Control Manager) (User: )

Description: The HP LaserJet Service service failed to start due to the following error:

%%1053

 

Error: (12/12/2011 03:59:10 PM) (Source: Service Control Manager) (User: )

Description: Timeout (30000 milliseconds) waiting for the HP LaserJet Service service to connect.

 

Error: (12/11/2011 00:52:08 PM) (Source: SideBySide) (User: )

Description: Generate Activation Context failed for C:\Program Files\DivX\DivX Transcode Engine\mtw178.ddc.

Reference error message: The operation completed successfully.

.

 

Error: (12/11/2011 00:52:08 PM) (Source: SideBySide) (User: )

Description: Resolve Partial Assembly failed for Microsoft.VC80.ATL.

Reference error message: The referenced assembly is not installed on your system.

.

 

Error: (12/11/2011 00:52:08 PM) (Source: SideBySide) (User: )

Description: Dependent Assembly Microsoft.VC80.ATL could not be found and Last Error was The referenced assembly is not installed on your system.

 

Error: (12/11/2011 00:52:08 PM) (Source: SideBySide) (User: )

Description: Generate Activation Context failed for C:\Program Files\DivX\DivX Transcode Engine\gzHF330.ddc.

Reference error message: The operation completed successfully.

.

 

 

Microsoft Office Sessions:

=========================

Error: (12/17/2011 04:08:44 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/17/2011 00:09:37 AM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/16/2011 11:24:42 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045b372

 

Error: (12/16/2011 10:27:02 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/15/2011 07:44:35 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/13/2011 09:05:16 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/13/2011 08:41:10 PM) (Source: Application Error)(User: )

Description: l2.exe0.0.0.0nwindow.dll0.0.0.00045ac82

 

Error: (12/11/2011 00:48:19 PM) (Source: MsiInstaller)(User: Nasko)Nasko

Description: Product: Angry Birds Seasons -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AI_UPDATER_UNINSTALL, location: D:\Angry Birds Cracked Final Complete Pack-SenseMan\Angry.Birds.Seasons.v1.5.1.Cracked.GAME-ErES\updater.exe, command: /clean silent (NULL)(NULL)(NULL)

 

Error: (12/08/2011 09:11:04 PM) (Source: Application Error)(User: )

Description: war3.exe1.26.0.6401unknown0.0.0.06d9ab2a0

 

Error: (12/08/2011 04:47:06 PM) (Source: Application Error)(User: )

Description: divx plus player.exe10.3.0.39unknown0.0.0.0066e1ae6

 

 

=========================== Installed Programs ============================

 

µTorrent (Version: 2.2.1)

Acrobat.com (Version: 0.0.0)

Acrobat.com (Version: 1.1.377)

Adobe AIR (Version: 1.0.4990)

Adobe AIR (Version: 1.0.8.4990)

Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)

Adobe Flash Player 11 Plugin (Version: 11.0.1.152)

Adobe Reader 9.4.6 (Version: 9.4.6)

ALCATEL PC Suite V6.3.28

AMX Mod X Installer 1.76d (Version: 1.76d)

Angry Birds Seasons (Version: 1.5.1)

avast! Free Antivirus (Version: 6.0.1367.0)

Babylon toolbar on IE

BitPim 1.0.7.20080908 (Version: 1.0.7.20080908)

Bluesoleil3.2.2.8 Release 070421 (Version: 3.2.2.8 Release 070421)

BS.Player FREE (Version: 2.55.1042)

BulgarianPhonetic XP by G. Atanasov

CCleaner (Version: 3.12)

DAEMON Tools Lite (Version: 4.40.2.0131)

DivX Setup (Version: 2.6.0.34)

Download Updater (AOL LLC)

EVEREST Ultimate Edition v5.30 (Version: 5.30)

Fraps (remove only)

Free Audio Converter version 2.2.19.602

Garena Plus (Version: 2011)

Google Earth Plug-in (Version: 6.1.0.5001)

Google Update Helper (Version: 1.3.21.79)

HP LaserJet Professional P1100-P1560-P1600 Series

hppLaserJetService (Version: 001.001.0.0)

hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)

hppusgP1100P1560P1600Series (Version: 1.0.0.1)

HPSSupply (Version: 2.1.1.0000)

Java Auto Updater (Version: 2.0.6.1)

Java 6 Update 29 (Version: 6.0.290)

League of Legends (Version: 1.02.0000)

Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)

MarketResearch (Version: 130.0.374.000)

Microsoft .NET Framework 2.0

Microsoft .NET Framework 2.0 (Version: 2.0.50727)

Microsoft .NET Framework 3.0

Microsoft .NET Framework 3.0 (Version: 3.0.04506.30)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Games for Windows - LIVE (Version: 2.0.687.0)

Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.687.0)

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Office 2003 Bulgarian User Interface Pack (Version: 11.0.5614.0)

Microsoft Office 2003 Proofing Tools (Version: 11.0.5614.0)

Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)

Microsoft VC9 runtime libraries (Version: 2.0.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)

Mozilla Firefox 8.0 (x86 bg) (Version: 8.0)

MSN

MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)

Nero 7 Premium (Version: 7.03.1357)

neroxml (Version: 1.0.0)

NVIDIA Control Panel 285.58 (Version: 285.58)

NVIDIA Drivers

NVIDIA Graphics Driver 285.58 (Version: 285.58)

NVIDIA Install Application (Version: 2.1002.46.235)

NVIDIA nView 135.95 (Version: 135.95)

NVIDIA nView Desktop Manager (Version: 6.14.10.13585)

NVIDIA PhysX (Version: 9.11.0621)

NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)

NVIDIA Update 1.5.20 (Version: 1.5.20)

NVIDIA Update Components (Version: 1.5.20)

NvMixer

Pando Media Booster (Version: 2.6.0.1)

Picasa 3 (Version: 3.8)

Skype Click to Call (Version: 5.6.8442)

Skype™ 5.5 (Version: 5.5.124)

Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)

Splash PRO EX (Version: 1.12.1)

System Requirements Lab

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)

WebFldrs XP (Version: 9.50.7523)

Winamp (Version: 5.622 )

Windows Communication Foundation (Version: 3.0.04506.30)

Windows Media Format Runtime

Windows Presentation Foundation (Version: 3.0.6920.0)

Windows Workflow Foundation (Version: 3.0.4203.2)

WinRAR 4.01 (32-битова версия) (Version: 4.01.0)

XML Paper Specification Shared Components Pack 1.0

 

========================= Devices: ================================

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 66%

Total physical RAM: 1023.48 MB

Available physical RAM: 343.68 MB

Total Pagefile: 2458.67 MB

Available Pagefile: 1954.67 MB

Total Virtual: 2047.88 MB

Available Virtual: 1979.29 MB

 

========================= Partitions: =====================================

 

2 Drive c: () (Fixed) (Total:20.07 GB) (Free:4.12 GB) NTFS

3 Drive d: () (Fixed) (Total:56.61 GB) (Free:14.7 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\HOME-438E8C2031

 

Admin Administrator ASPNET

Guest HelpAssistant Nasko

SUPPORT_388945a0 UpdatusUser

 

========================= Minidump Files ==================================

 

No minidump file found

 

**** End of log ****

 

 

И съдържанието от FSS.txt

 

 

Farbar Service Scanner

Ran by Nasko (administrator) on 18-12-2011 at 12:25:29

Microsoft Windows XP Professional Service Pack 3 (X86)

********************************************************

 

Service Check:

==============

 

File Check:

===========

C:\WINDOWS\system32\svchost.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll

[2008-04-14 14:00] - [2008-04-14 14:00] - 0399360 ____A (Microsoft Corporation) 2589FE6015A316C0F5D5112B4DA7B509

 

C:\WINDOWS\system32\services.exe

[2008-04-14 14:00] - [2008-04-14 14:00] - 0108544 ____A (Microsoft Corporation) 0E776ED5F7CC9F94299E70461B7B8185

 

C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

 

Connection Status:

==================

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

 

**** End of log ****

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Лог файловете са нормални.

Освен причината да е във вашия интернет доставчик.

Почистете темп файловете, можете да почистите и DNS кеша (с командата => Start => Run => напишете CMD => натиснете Enter и в конзолата въведете ipconfig /flushdns => натиснете Enter). Рестартирайте машината.

Link to comment
Сподели другаде
  • 5 months later...
kalina ivanova Новобранец

kalina ivanova

Публикувано
Публикувано

Здравейте!

При мен facebook се отваря само като тескт, без всякакви логота, снимки, новини и изобщо цветови оформления, все едно съм влязла от някакъв стар бъгнат телефон. Текста е изцяло в лявата страна на монитора, останалата част е празна- бяла. Изчетох темата и също инсталирах OTL ето и моите OTL.Txt , Extras.Txt

OTL.Txt

Extras.Txt

Link to comment
Сподели другаде
Night_Raven Изследовател

Night_Raven

Публикувано
Публикувано

Изтегли OTL и го запази на работния плот:

- стартирай инструмента;

- постави отметка в горната част на Scan All Users;

- в поле Standard Registry избери All;

- от падащо меню File Age избери 90 Days;

- постави отметки още на: Skip Microsoft Files, LOP Check и Purity Check;

- в поле Custom Scans/Fixes (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V):

netsvcs
msconfig
safebootminimal
safebootnetwork
"%WinDir%\$NtUninstallKB*$." /30
C:\Program Files\Common Files\ComObjects\*.* /s
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\Application Data\*.*
%USERPROFILE%\Local Settings\Application Data\*.*
%AllUsersProfile%\*.*
%AllUsersProfile%\Application Data\*.*
%USERPROFILE%\My Documents\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%	emp*.*
%windir%\system32\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\DBBK\*.* /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly	mp\*.* /S /MD5
%systemroot%\assembly	emp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_MSIL\*.* /S /MD5
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes /s
HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
/md5start
smss.exe
winlogon.exe
services.exe
lsass.exe
svchost.exe
explorer.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
disk.sys
volsnap.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
ipsec.sys
hlp.dat
/md5stop

- кликни бутон Run Scan;

Изчакай сканирането да приключи. След края на сканирането автоматично ще се отворят двата новосъздадени на работния плот файла: OTL.txt и Extras.txt.

 

Моля, прикачи тези два файла (поотделно или в архив) към следващия си коментар.

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...
×
 Share
Иди на предишната тема
×
×
  • Създай ново...