Theo13
21 Sierpień 2011 20:29
#1
Witam.
Mam następujący problem: z komputera znajomej nie można otworzyć strony facebooka – otwiera się pusta biała strona. System Windows XP sprawdzony dwoma programami antywirusowymi, nie ma trojanów. Ping do http://www.facebook.com pokazuje połączenie z 127.0.0.1. Poniżej zamieszczam logi z programu OTL:
OTL: http://3paste.com/s/2766
Extras: http://3paste.com/s/2767
Z góry dziękuję za pomoc!
Leon1
21 Sierpień 2011 21:40
#2
OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:
:OTL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vshare.toolbarhome.com/?hp=df [binary data] FF - prefs.js…extensions.enabledItems: toolbar@ask.com:3.12.2.100006 FF - prefs.js…extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js…extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190 [2011-06-30 18:34:10 | 000,000,000 | —D | M] (“DAEMON Tools Toolbar”) – C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\xw75e4op.default\extensions\DTToolbar@toolbarnet.com [2011-02-06 20:08:17 | 000,000,000 | —D | M] (vShare) – C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\xw75e4op.default\extensions\vshare@toolbar [2009-09-02 14:52:02 | 000,002,257 | ---- | M] () – C:\Documents and Settings\USER\Dane aplikacji\Mozilla\Firefox\Profiles\xw75e4op.default\searchplugins\askcom.xml O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask) O3 - HKLM…\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM…\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask) O3 - HKCU…\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU…\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask) O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [egui] File not found O4 - HKCU…\Run: [iPLA!] File not found O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll () [2011-07-22 17:29:49 | 000,000,000 | —D | C] – C:\WINDOWS\ufa [2011-07-22 17:29:49 | 000,000,000 | —D | C] – C:\WINDOWS\rpcminer [2011-07-22 17:29:49 | 000,000,000 | —D | C] – C:\WINDOWS\phoenix [2011-07-22 17:28:35 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.2 [2011-07-22 17:28:06 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.5.0 [2011-07-22 17:23:27 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.1 [2011-07-22 17:23:23 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-2-0-lnk [2011-07-22 17:23:23 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-2-0 [2011-07-24 15:43:03 | 000,000,734 | ---- | M] () – C:\WINDOWS\System32\drivers\etc\hîsts [2011-07-24 09:20:38 | 000,000,177 | ---- | M] () – C:\WINDOWS\info1 [2011-07-22 17:29:48 | 005,589,370 | ---- | M] () – C:\WINDOWS\phoenix.rar [2011-07-22 17:29:48 | 000,246,272 | ---- | M] () – C:\WINDOWS\unrar.exe [2011-07-22 17:29:46 | 001,075,284 | ---- | M] () – C:\WINDOWS\rpcminer.rar [2011-07-22 17:27:11 | 000,904,792 | ---- | M] () – C:\WINDOWS\geoiplist.rar [2011-07-22 17:26:50 | 000,000,000 | ---- | M] () – C:\WINDOWS\loader2.exe_ok [2011-07-22 17:27:13 | 004,636,907 | ---- | C] () – C:\WINDOWS\geoiplist :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [CLEARALLRESTOREPOINTS] [RESETHOSTS] [emptytemp]
Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.
Pokaż log z usuwania.
potem nowy log OTL robiony opcją Run Scan (Skanuj)
