Agiko92
(Agnex)
13 Maj 2012 11:14
#1
Pomimo wielu tematów na forum nadal nie mogę rozwiązać problemu z FB…Przeskanowałam kilkakrotnie komputer i nie znalazłam wirusów. FB nie działa mi na żadnej przeglądarce…w porywach tak ale to tylko logowanie a potem nic i tak nie da się zrobić. Używałam wielu przeglądarek : Opera, Mozilla, IE, Safari, Google Chrome, jedynie po wyczyszczeniu danych przeglądarek można było przez kilka minut popracować na FB.Podobno potrzebne są Log z OTL
LOG Z OTL : http://www.wklej.org/id/751741/
Extras: http://www.wklej.org/id/751742/
Nie wiem jak się tym posługiwać więc prosze o dokładne informacje na ten temat.
Z góry przepraszam za błędy na wątku ale jestem tu pierwszy raz i niezbyt wiem jak się tu odnaleźć
Leon1
(Leon$)
13 Maj 2012 11:35
#2
odinstaluj
OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:
:OTL PRC - [2011-03-23 23:55:26 | 000,028,762 | ---- | M] (MyWebSearch.com ) – C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwssvc.exe SRV - [2011-03-26 17:30:07 | 000,008,192 | ---- | M] () [Auto | Stopped] – C:\Windows\SysWOW64\srvany.exe – (KMService) SRV - [2011-03-23 23:55:26 | 000,028,762 | ---- | M] (MyWebSearch.com ) [Auto | Running] – C:\PROGRA~2\MYWEBS~1\bar\3.bin\mwssvc.exe – (MyWebSearchService) IE - HKLM…\SearchScopes{56256A51-B582-467e-B8D4-7786EDA79AE0}: “URL” = http://search.mywebsearch.com/mywebsear … searchfor={searchTerms} IE - HKLM…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031607 IE - HKU.DEFAULT…\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18…\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=nv1 IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - SOFTWARE\Classes\CLSID{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 File not found IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files (x86)\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes,DefaultScope = {B4D848AA-2B04-45D7-81D7-3576868074DA} IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=364f1e8d00000000000002262d8392ba IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes{39BC1ADE-44A2-4EDB-9BA6-74E0DC7E7228}: “URL” = http://websearch.ask.com/redirect?clien … src=crm&q={searchTerms}&locale=&apn_ptnrs=2U&apn_dtid=YYYYYYYYPL&apn_uid=e6e9f112-0e71-4f1f-ab11-fb45198e26ba&apn_sauid=67601C7A-9B1B-4D68-9423-77FA5232618B IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes{56256A51-B582-467e-B8D4-7786EDA79AE0}: “URL” = http://search.mywebsearch.com/mywebsear … searchfor={searchTerms} IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b}: “URL” = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031607 IE - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\SearchScopes{B4D848AA-2B04-45D7-81D7-3576868074DA}: “URL” = http://start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms} FF - prefs.js…browser.startup.homepage: “http://start.funmoods.com/?f=1&a=nv1 ” FF - HKLM\Software\MozillaPlugins@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\3.bin\NPMyWebS.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin [2012-05-12 22:10:10 | 000,000,000 | —D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files (x86)\RelevantKnowledge [2012-05-12 22:32:42 | 000,000,000 | —D | M] [2012-01-25 18:33:00 | 000,000,000 | —D | M] (Babylon) – C:\Users\Agusia\AppData\Roaming\mozilla\Firefox\Profiles\s00b0g6d.default\extensions\ffxtlbr@babylon.com [2012-02-20 23:42:42 | 000,000,000 | —D | M] (Funmoods.com ) – C:\Users\Agusia\AppData\Roaming\mozilla\Firefox\Profiles\s00b0g6d.default\extensions\ffxtlbr@funmoods.com [2012-02-20 23:17:06 | 000,001,797 | ---- | M] () – C:\Users\Agusia\AppData\Roaming\Mozilla\Firefox\Profiles\s00b0g6d.default\searchplugins\funmoods.xml [2012-01-25 17:48:32 | 000,002,288 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files (x86)\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.) O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll File not found O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O3:64bit: - HKLM…\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM…\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\3.bin\MWSBAR.DLL File not found O3 - HKLM…\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files (x86)\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files (x86)\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files (x86)\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3316444486-3805150963-2814429223-1000…\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeoh.dll (Conduit Ltd.) O4 - HKLM…\Run: [.] C:\Program Files (x86)\windowsUpdate\server.exe File not found O4 - HKLM…\Run: [ApnUpdater] “C:\Program Files (x86)\Ask.com \Updater\Updater.exe” File not found O4 - HKLM…\Run: [ROC_roc_dec12] “C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe” /PROMPT /CMPID=roc_dec12 File not found O4 - HKU\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Crawler Search - tbr:iemenu File not found O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Key error. File not found O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) [2012-05-12 21:03:41 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge [2012-05-13 12:46:02 | 000,000,932 | ---- | M] () – C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3316444486-3805150963-2814429223-1000UA.job [2012-05-13 12:27:00 | 000,000,930 | ---- | M] () – C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-13 12:23:21 | 000,000,324 | ---- | M] () – C:\Windows\tasks\GlaryInitialize.job [2012-05-13 12:16:02 | 000,001,062 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3316444486-3805150963-2814429223-1000UA.job [2012-05-12 21:46:06 | 000,000,910 | ---- | M] () – C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3316444486-3805150963-2814429223-1000Core.job [2012-05-12 21:16:03 | 000,001,010 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3316444486-3805150963-2814429223-1000Core.job :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [RESETHOSTS] [emptytemp]
Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.
Pokaż log z usuwania.
potem nowy log OTL robiony opcją Run Scan (Skanuj)
Agiko92
(Agnex)
13 Maj 2012 12:00
#3
Leon1
(Leon$)
13 Maj 2012 12:26
#4
Pobierz CCleaner http://www.filehippo.com/download_ccleaner/
przeskanuj nim i wyczyść rejestr.
W OTL kilknij CleanUp (Sprzątanie)
przeskanuj
Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html