Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Chrome - Wtyczka HOLA VPN i google captcha

marinhos 03 Lip 2015 07:07 1695 6
  • #1 03 Lip 2015 07:07
    marinhos
    Poziom 6  

    Witam jakiś czas temu zainstalowałem wtyczkę HOLA dla przeglądarki Chrome. Użyłem jej tylko raz i odinstalowałem zaraz po tym jak dowiedziałem się, że HOLA może być wykorzystywana do działań hackerskich. Niestety od tamtej pory dość często podczas wyszukiwania w google przekierowywuje mnie na stronę ipv4.google abym wpisał kod Captcha. Jest to strasznie irytujące, gdyż dość często korzystam z wyszukiwarki. Proszę o pomoc jak poradzić sobie z tym problemem.

    0 6
  • #3 03 Lip 2015 16:03
    marinhos
    Poziom 6  

    Tak znam te programy, ale dla pewności przeskanowałem ponownie i MalwareBytes jak i ADWcleaner nic nie znalazły.

    Wklejam logi:

    Spoiler:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
    Ran by Marcin (administrator) on SAMSUNG on 03-07-2015 15:54:14
    Running from C:\Users\Marcin\Downloads
    Loaded Profiles: Marcin & postgres (Available Profiles: Marcin & postgres)
    Platform: Windows 8.1 (X64) OS Language: Polski (Polska)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-f...utorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
    (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
    () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
    (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\Plus Internet\Plus Internet.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (random) C:\Program Files (x86)\PacificPoker\bin\poker.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Atheros Communications)
    HKLM\...\Run: [Windows Mobile-based device management] => %windir%\WindowsMobile\wmdcBase.exe
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-10-16] (Synaptics Incorporated)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-24] (Avast Software s.r.o.)
    HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Plus Internet] => C:\Program Files (x86)\Plus Internet\PlusInternetChecker.exe [645040 2012-09-28] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\Run: [DAEMON Tools Lite] => "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\Run: [Facebook Update] => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-10] (Facebook Inc.)
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\Run: [Steam] => "E:\Steam\steam.exe" -silent
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\Run: [CPN Notifier] => C:\Program Files (x86)\UvsPoker\PokerNotifier.exe
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\MountPoints2: {00a2b69f-dad3-11e3-bf03-50b7c3e164a9} - "G:\AutoRun.exe"
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\MountPoints2: {18e6be27-d0cb-11e4-bf54-00a0c6000000} - "G:\AutoRun.exe"
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\MountPoints2: {4f6e08cd-c2f4-11e2-be93-50b7c3e164aa} - "G:\AutoRun.exe"
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\MountPoints2: {4f6e09c0-c2f4-11e2-be93-50b7c3e164aa} - "I:\AutoRun.exe"
    HKU\S-1-5-21-1577275202-546194520-1271563289-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-24] (Avast Software s.r.o.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
    URLSearchHook: [S-1-5-21-1577275202-546194520-1271563289-1002] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1577275202-546194520-1271563289-1001 -> {255F6B65-DB46-4392-A798-6749D0F7F98F} URL =
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-31] (Qualcomm Atheros Commnucations)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-24] (Avast Software s.r.o.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-01] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-24] (Avast Software s.r.o.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-01] (Oracle Corporation)
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Tcpip\..\Interfaces\{77B99754-0C1A-44A2-91CE-425112E04856}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{77B99754-0C1A-44A2-91CE-425112E04856}: [DhcpNameServer] 10.5.51.1 192.168.2.1 194.204.159.1
    Tcpip\..\Interfaces\{957770F2-4A64-4D33-90F9-51BFC76BA464}: [NameServer] 212.2.96.51 212.2.96.52

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll [2015-02-04] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll [2015-02-04] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-01] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-01] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1577275202-546194520-1271563289-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marcin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-1577275202-546194520-1271563289-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-09]

    Chrome:
    =======
    CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]
    CHR Extension: (Google Docs) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-14]
    CHR Extension: (Google Drive) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-14]
    CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-14]
    CHR Extension: (Google Search) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-14]
    CHR Extension: (Google Sheets) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]
    CHR Extension: (Avast Online Security) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-04]
    CHR Extension: (Google Wallet) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-14]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-24]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-24] (Avast Software s.r.o.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-06-24] (Avast Software)
    R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-03-26] (Fork Ltd.) [File not signed]
    R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
    S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [175136 2014-10-02] (EasyAntiCheat Ltd)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 postgresql-x64-9.0; C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe [111104 2012-09-21] (PostgreSQL Global Development Group) [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
    S3 Origin Client Service; E:\Origin\OriginClientService.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.)
    S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-08-04] (The OpenVPN Project)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] ()
    R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-11-21] ()
    S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-10-31] (Qualcomm Atheros)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-31] (Qualcomm Atheros)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
    R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
    S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
    R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-11-21] ()
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-06-24] (Avast Software)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
    S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-03 15:54 - 2015-07-03 15:54 - 00019228 _____ C:\Users\Marcin\Downloads\FRST.txt
    2015-07-03 15:54 - 2015-07-03 15:54 - 00000000 ____D C:\FRST
    2015-07-03 15:53 - 2015-07-03 15:53 - 02112512 _____ (Farbar) C:\Users\Marcin\Downloads\FRST64.exe
    2015-07-03 15:41 - 2015-07-03 15:49 - 00000000 ____D C:\AdwCleaner
    2015-07-03 15:39 - 2015-07-03 15:40 - 02244096 _____ C:\Users\Marcin\Downloads\adwcleaner_4.207.exe
    2015-07-02 20:02 - 2015-07-02 20:02 - 00001704 _____ C:\Users\Marcin\Desktop\KQ vs Q2 kurestwo jebane.txt
    2015-07-02 17:49 - 2015-07-02 17:49 - 00001526 _____ C:\Users\Marcin\Desktop\AK vs KJo dowod.txt
    2015-07-01 17:38 - 2015-07-01 17:38 - 00001667 _____ C:\Users\Marcin\Desktop\jj vs j3o !! dowod.txt
    2015-07-01 15:06 - 2015-07-01 15:06 - 00001340 _____ C:\Users\Marcin\Desktop\55 vs 34.txt
    2015-07-01 15:05 - 2015-07-01 15:05 - 00562784 _____ (Oracle Corporation) C:\Users\Marcin\Downloads\jre-8u45-windows-i586-iftw.exe
    2015-07-01 03:18 - 2015-07-01 03:20 - 67299240 _____ C:\Users\Marcin\Downloads\PT-Install-v4.13.5.exe
    2015-06-30 20:56 - 2015-06-30 20:56 - 00034259 _____ C:\Users\Marcin\Downloads\the_crucible_n24_pl_57391.zip
    2015-06-30 19:40 - 2015-06-30 19:40 - 00002651 _____ C:\Users\Marcin\Desktop\TT vs AJ nierealny dowod na bota!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.txt
    2015-06-30 16:02 - 2015-06-30 16:02 - 00000000 _____ C:\Users\Marcin\Desktop\ak vs aj (2).txt
    2015-06-28 19:22 - 2015-06-28 19:23 - 00001288 _____ C:\Users\Marcin\Desktop\a9 vs q6o!!!.txt
    2015-06-28 00:42 - 2015-06-28 00:42 - 00001632 _____ C:\Users\Marcin\Desktop\KJ vs QT dowód!!!!!!!!!!!!!.txt
    2015-06-27 22:47 - 2015-06-27 22:47 - 00001467 _____ C:\Users\Marcin\Desktop\ak vs aj.txt
    2015-06-27 00:06 - 2015-06-27 00:07 - 00001216 _____ C:\Users\Marcin\Desktop\AJ vs TJo snap semi ft.txt
    2015-06-25 02:13 - 2015-06-25 02:13 - 00002283 _____ C:\Users\Marcin\Desktop\Google Chrome.lnk
    2015-06-25 00:29 - 2015-06-25 00:29 - 00000000 _____ C:\Users\Marcin\Desktop\blablacar ostroleka.txt
    2015-06-24 22:09 - 2015-06-24 22:09 - 00000043 _____ C:\Users\Marcin\Desktop\przypowieść o gołębiach.txt
    2015-06-24 02:20 - 2015-06-24 02:20 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
    2015-06-24 02:20 - 2015-06-24 02:20 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
    2015-06-24 01:39 - 2015-06-24 01:39 - 00001365 _____ C:\Users\Marcin\Desktop\109 highrollers buble.txt
    2015-06-20 16:17 - 2015-06-20 16:17 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
    2015-06-20 16:17 - 2015-06-20 16:17 - 00000000 ____D C:\ProgramData\Battle.net
    2015-06-20 13:24 - 2015-06-20 13:26 - 00002623 _____ C:\Users\Marcin\Desktop\QJ vs K7 kurestwo oszukanstwo jebane ogromny dowod na bota.txt
    2015-06-18 14:43 - 2015-06-18 14:43 - 00001302 _____ C:\Users\Marcin\Desktop\qq vs AT ogromny dowod na bta.txt
    2015-06-18 05:14 - 2015-06-18 05:15 - 67376720 _____ C:\Users\Marcin\Downloads\PT-Install-v4.13.4.exe
    2015-06-17 05:35 - 2015-06-17 05:35 - 00001764 _____ C:\Users\Marcin\Desktop\qq vs aj.txt
    2015-06-16 12:05 - 2015-06-16 12:10 - 00000000 ____D C:\Users\Marcin\Documents\Orcs Must Die
    2015-06-16 06:37 - 2015-06-16 06:37 - 00000000 ____D C:\Users\Marcin\AppData\Local\2DBoy
    2015-06-16 06:37 - 2015-06-16 06:37 - 00000000 ____D C:\ProgramData\2DBoy
    2015-06-16 02:53 - 2015-06-16 02:53 - 00001844 _____ C:\Users\Marcin\Desktop\JJ vs a7.txt
    2015-06-14 08:17 - 2015-06-14 08:17 - 00000000 _____ C:\Users\Marcin\Desktop\you cant kill yourself before you get publish.txt
    2015-06-14 02:48 - 2015-06-14 02:50 - 00002692 _____ C:\Users\Marcin\Desktop\JT vs A9 semi ft!!! dowod na bota.txt
    2015-06-13 23:38 - 2015-06-13 23:38 - 00001582 _____ C:\Users\Marcin\Desktop\KK vs A% dowod.txt
    2015-06-13 07:26 - 2015-06-13 07:26 - 00039917 _____ C:\Users\Marcin\Downloads\redacted.(2007).eng.1cd.(3248040).zip
    2015-06-13 07:14 - 2015-06-13 07:15 - 00001278 _____ C:\Users\Marcin\Desktop\AK vs QJ SNAP FT DOWOD!!!!.txt
    2015-06-13 00:32 - 2015-06-13 00:32 - 00001755 _____ C:\Users\Marcin\Desktop\K9 vs Q6 wiedzial w snapie.txt
    2015-06-12 23:13 - 2015-06-12 23:13 - 00000000 _____ C:\Users\Marcin\Desktop\pieniadz nie ma wartosci, gdy ludzie sie zorientuja bedzie koniec, ale wiekszosc jest tak glupia.txt
    2015-06-11 04:13 - 2015-06-14 17:32 - 00000000 ____D C:\Users\Marcin\Desktop\soundtracks
    2015-06-11 02:46 - 2015-06-11 02:46 - 00001193 _____ C:\Users\Marcin\Desktop\FT a2 Vs TT KURWA MAC.txt
    2015-06-11 02:20 - 2015-06-11 02:21 - 00001712 _____ C:\Users\Marcin\Desktop\snap ft nierealny smiec.txt
    2015-06-10 07:40 - 2015-06-10 07:40 - 00000000 _____ C:\Users\Marcin\Desktop\Batman™ Arkham Origins DLC.txt
    2015-06-10 07:39 - 2015-06-10 07:39 - 00000017 _____ C:\Users\Marcin\Desktop\company of heroes key.txt
    2015-06-10 07:28 - 2015-06-10 07:35 - 00000366 _____ C:\Users\Marcin\Desktop\meditation soundtrack bundle download!.txt
    2015-06-10 00:21 - 2015-06-10 00:21 - 00000000 ____D C:\Users\Marcin\Desktop\gothic 3 ini
    2015-06-09 21:38 - 2015-06-09 21:39 - 00001458 _____ C:\Users\Marcin\Desktop\aqs vs 97o Semi ft!.txt
    2015-06-09 00:35 - 2015-06-09 00:36 - 00001491 _____ C:\Users\Marcin\Desktop\77 vs Q( snap.txt
    2015-06-08 06:37 - 2015-06-08 06:37 - 00001781 _____ C:\Users\Marcin\Desktop\AJ vs 72o!!!! turek za 5RA prawdziwy dowod na bot.txt
    2015-06-08 00:10 - 2015-06-08 00:10 - 00002275 _____ C:\Users\Public\Desktop\PokerStrategy.com Equilab.lnk
    2015-06-08 00:10 - 2015-06-08 00:10 - 00000000 ____D C:\Users\Marcin\AppData\Local\Equilab
    2015-06-08 00:10 - 2015-06-08 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com
    2015-06-08 00:09 - 2015-06-08 00:09 - 00000000 ____D C:\Program Files (x86)\PokerStrategy.com
    2015-06-08 00:04 - 2015-06-08 00:04 - 10592148 _____ (PokerStrategy.com ) C:\Users\Marcin\Downloads\equilab.exe
    2015-06-07 06:50 - 2015-06-07 06:50 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-05 03:18 - 2015-06-05 03:18 - 00001490 _____ C:\Users\Marcin\Desktop\KK vs 33 AJ.txt

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-03 15:52 - 2012-11-26 06:06 - 00000000 ____D C:\ProgramData\WinClon
    2015-07-03 15:51 - 2014-02-12 02:39 - 01352817 _____ C:\WINDOWS\WindowsUpdate.log
    2015-07-03 15:50 - 2014-02-12 02:50 - 00000000 __RDO C:\Users\Marcin\SkyDrive
    2015-07-03 15:50 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-07-03 15:50 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-07-03 15:50 - 2013-04-14 08:47 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-03 15:50 - 2012-11-26 05:57 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    2015-07-03 15:30 - 2015-02-04 19:24 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-07-03 15:12 - 2013-04-09 16:46 - 00000000 ____D C:\Users\Marcin\AppData\Local\PokerTracker 4
    2015-07-03 15:12 - 2013-04-09 16:46 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4
    2015-07-03 15:10 - 2013-11-14 09:33 - 01855638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-07-03 15:10 - 2013-11-14 09:13 - 00817424 _____ C:\WINDOWS\system32\perfh015.dat
    2015-07-03 15:10 - 2013-11-14 09:13 - 00169170 _____ C:\WINDOWS\system32\perfc015.dat
    2015-07-03 15:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-07-03 15:10 - 2013-04-09 16:43 - 00000000 ____D C:\Users\Marcin\Documents\888poker
    2015-07-03 08:18 - 2013-06-10 23:13 - 00000948 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001UA.job
    2015-07-03 08:02 - 2013-04-14 08:47 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-02 23:18 - 2013-06-10 23:13 - 00000926 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001Core.job
    2015-07-02 20:14 - 2013-04-09 19:31 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\BitTorrent
    2015-07-02 16:51 - 2014-02-12 02:33 - 00000000 ____D C:\Users\Marcin
    2015-07-01 21:18 - 2013-11-21 02:09 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\Skype
    2015-07-01 20:52 - 2013-04-09 16:36 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1577275202-546194520-1271563289-1001
    2015-07-01 15:09 - 2015-03-25 03:05 - 00000000 ____D C:\ProgramData\Oracle
    2015-07-01 15:09 - 2015-03-25 03:05 - 00000000 ____D C:\Program Files (x86)\Java
    2015-07-01 15:08 - 2015-03-25 03:06 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2015-07-01 14:58 - 2014-02-12 02:33 - 00000000 ____D C:\Users\postgres
    2015-07-01 03:21 - 2014-02-02 14:30 - 00001096 _____ C:\Users\Marcin\Desktop\PokerTracker 4.lnk
    2015-07-01 03:21 - 2013-06-06 01:27 - 00001096 _____ C:\Users\postgres\Desktop\PokerTracker 4.lnk
    2015-06-28 13:19 - 2014-11-20 19:12 - 00000000 ____D C:\Users\Marcin\Documents\My Games
    2015-06-28 13:19 - 2013-04-15 09:29 - 00667072 _____ C:\WINDOWS\DirectX.log
    2015-06-27 17:44 - 2014-01-19 12:21 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-06-27 02:20 - 2013-06-09 14:32 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
    2015-06-25 02:12 - 2013-11-14 00:22 - 00066348 _____ C:\WINDOWS\PFRO.log
    2015-06-24 16:46 - 2013-04-09 17:01 - 00000000 ____D C:\Users\Marcin\AppData\Local\Google
    2015-06-24 02:20 - 2014-08-04 16:46 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
    2015-06-24 02:20 - 2014-01-19 12:21 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
    2015-06-24 02:20 - 2013-06-09 14:32 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2015-06-24 02:20 - 2013-06-09 14:32 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
    2015-06-24 02:20 - 2013-06-09 14:32 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2015-06-24 02:20 - 2013-06-09 14:32 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2015-06-24 02:20 - 2013-06-09 14:32 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2015-06-23 08:48 - 2015-03-31 03:39 - 00000000 ____D C:\Users\Marcin\AppData\Local\Soul Gambler
    2015-06-21 11:11 - 2012-11-26 05:57 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    2015-06-20 16:18 - 2013-12-10 20:48 - 00000000 ____D C:\Users\Marcin\AppData\Local\Battle.net
    2015-06-17 05:43 - 2013-04-17 23:03 - 00000000 ____D C:\Users\Marcin\AppData\Local\PokerStars.EU
    2015-06-16 01:54 - 2014-07-08 20:22 - 00000000 ____D C:\Users\Marcin\Desktop\dokumenta
    2015-06-11 01:05 - 2013-04-17 23:03 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
    2015-06-09 07:43 - 2013-04-14 14:22 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\EurekaLog
    2015-06-08 11:15 - 2014-12-07 14:41 - 00000000 ____D C:\Users\Marcin\Documents\gothic3
    2015-06-08 06:08 - 2015-01-11 17:01 - 00000000 ____D C:\Users\Marcin\Desktop\boty dowody
    2015-06-08 00:04 - 2013-12-12 01:41 - 00000000 ____D C:\Users\Marcin\AppData\Local\Downloaded Installations
    2015-06-07 06:50 - 2014-04-27 22:51 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-06-07 06:50 - 2014-04-27 22:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-06-07 05:24 - 2013-06-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

    ==================== Files in the root of some directories =======

    2014-07-10 03:41 - 2014-09-19 01:42 - 0051984 _____ () C:\Users\Marcin\AppData\Roaming\crashdump.dmp
    2013-12-12 12:28 - 2013-12-12 12:28 - 0000094 _____ () C:\Users\Marcin\AppData\Local\fusioncache.dat
    2014-04-01 21:52 - 2014-04-01 21:52 - 0000000 ___SH () C:\Users\Marcin\AppData\Local\LumaEmu
    2013-04-12 03:37 - 2013-04-12 03:37 - 0000017 _____ () C:\Users\Marcin\AppData\Local\resmon.resmoncfg
    2013-04-09 16:46 - 2013-04-09 16:46 - 0005100 _____ () C:\ProgramData\flwjycbm.bab
    2015-05-20 20:34 - 2015-05-20 20:34 - 0005071 _____ () C:\ProgramData\kmytnfun.aqy
    2012-11-26 06:14 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
    2012-11-26 06:14 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
    2015-05-20 20:34 - 2015-05-20 20:34 - 0000016 _____ () C:\ProgramData\mntemp

    Files to move or delete:
    ====================
    C:\ProgramData\MakeMarkerFile.exe
    C:\Users\EasySurvey\EasySurvey.exe


    Some files in TEMP:
    ====================
    C:\Users\Marcin\AppData\Local\Temp\drm_dyndata_7400009.dll
    C:\Users\Marcin\AppData\Local\Temp\jre-8u45-windows-au.exe
    C:\Users\Marcin\AppData\Local\Temp\Quarantine.exe
    C:\Users\Marcin\AppData\Local\Temp\setup.exe
    C:\Users\Marcin\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Marcin\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-07-02 17:12

    ==================== End of log ============================



    Czy ktoś kto zna ten problem może pomóc?

    0
  • Pomocny post
    #4 03 Lip 2015 21:21
    Domino_2
    Pomocny dla użytkowników

    Dołącz jeszcze Addition.txt.

    1
  • Pomocny post
    #6 05 Lip 2015 16:02
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {1E2DD7DD-15D9-49B4-84FA-60E5B4156F6F} - System32\Tasks\{689082A1-6BC4-4A69-8C7B-CC2404561F6A} => Chrome.exe http://www.skype.com/go/downloading?source=li...taller&ver=6.18.0.106&LastError=12002
    Task: {48794453-AA22-455A-9B4A-862925055E17} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001Core => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-10] (Facebook Inc.)
    Task: {961E1C0E-6DD2-4BE9-97E5-A015F83502A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001UA => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-10] (Facebook Inc.)
    Task: {A1B33B7D-AF36-4808-AA01-52AF17EA6C25} - System32\Tasks\{1EDBB294-9AA3-4538-878E-9FE11B1539A2} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/pl/abandoninstall?source=lightinstaller&page=tsMain
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001Core.job => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1577275202-546194520-1271563289-1001UA.job => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe
    HKU\S-1-5-21-1577275202-546194520-1271563289-1001\...\Run: [Facebook Update] => C:\Users\Marcin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-10] (Facebook Inc.)
    URLSearchHook: [S-1-5-21-1577275202-546194520-1271563289-1002] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1577275202-546194520-1271563289-1001 -> {255F6B65-DB46-4392-A798-6749D0F7F98F} URL =
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    S3 Origin Client Service; E:\Origin\OriginClientService.exe [X]
    S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
    2015-07-03 15:41 - 2015-07-03 15:49 - 00000000 ____D C:\AdwCleaner
    2015-06-09 07:43 - 2013-04-14 14:22 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\EurekaLog
    C:\ProgramData\MakeMarkerFile.exe
    C:\Users\EasySurvey\EasySurvey.exe
    Emptytemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix. Reset Chrome: https://support.google.com/chrome/answer/3296214?hl=pl

    1
  • #7 14 Lip 2015 10:10
    marinhos
    Poziom 6  

    Acorus 20: dzięki szefie.
    Możesz wyjaśnić, co zrobiłeś? Problem chyba zniknął. Ciekawi mnie co to było?

    0