
Large amounts of malware - FRST scans.

krpk 29 Jan 2016 19:20 513 1
  • #2 29 Jan 2016 22:39
    Kolobos
    Computer specialist

    Uninstall:
    ace race (HKLM\...\ace race) (Version: 2015.01.25.152342 - ace race) <==== UWAGA
    AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== UWAGA
    Gameo (HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== UWAGA
    GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== UWAGA
    HomeTab 7.5 (HKLM-x32\...\{022fe25e-40c2-4e87-8883-fcfd89e411ee}_is1) (Version: 7.5 - One Floor App) <==== UWAGA
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
    Quick Ref 1.10.0.12 (HKLM-x32\...\QuickRef_1.10.0.12) (Version: 1.10.0.12 - Quick Ref) <==== UWAGA
    RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - sys tweak) <==== UWAGA
    Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== UWAGA
    shoppilation (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - shoppilation) <==== UWAGA

    Use AdwCleaner, options Scan and Clean (Szukaj and Usuń): http://www.bleepingcomputer.com/download/adwcleaner/

    Next to frst.exe, create a file fixlist.txt with the following content:
    CustomCLSID: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\bogdan\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    Task: {00AFCBBF-34D0-4C3D-A2D8-4D68941819EC} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WConnectorSockets.exe <==== UWAGA
    Task: {07F98884-FBE0-49A9-BA5B-33D00B5C000F} - System32\Tasks\snf => C:\ProgramData\Lightzap\Lightzap.exe <==== UWAGA
    Task: {172354F8-C774-44AB-9A1B-E57A1A1AAFAD} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2015-12-10] (Lenovo)
    Task: {294A13BD-F8C5-4D09-A4D4-C529D3BBE893} - System32\Tasks\Optscan => c:\programdata\{7f4ff48b-d52d-bacd-7f4f-ff48bd52d22f}\hqghumeaylnlf.exe <==== UWAGA
    Task: {37C80ECF-334B-4026-98B1-FE77C17C8D84} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-07-02] () <==== UWAGA
    Task: {4D37FC95-B9F9-4E5C-AB1E-715D2F514372} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2015-12-10] (Lenovo)
    Task: {54A16448-0CBF-4E13-AC07-DA0D5A31021D} - System32\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5 => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.exe <==== UWAGA
    Task: {554B9514-8C10-409D-AC03-EF960CEE0FF4} - System32\Tasks\snp => C:\ProgramData\Lightzap\Lightzap.exe <==== UWAGA
    Task: {58F6FCF9-2796-43C3-9F2C-AE1A1ED76333} - System32\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-11 => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-11.exe <==== UWAGA




    Task: {595C9086-D98E-47C4-AABD-B1CB879D2035} - System32\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5_user => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.exe <==== UWAGA
    Task: {5DC48B78-D431-4F44-A811-2F8467FCA4A4} - System32\Tasks\Opera scheduled Autoupdate 1420659417 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-08] (Opera Software)
    Task: {70E18B45-D978-494C-B18F-2F27F6E88149} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe <==== UWAGA
    Task: {7EFB92F0-027A-45A0-9931-E4295221B92A} - System32\Tasks\SweetLabs App Platform => C:\Users\bogdan\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
    Task: {8FE42281-0AB5-4465-ADA4-2D97A36C7858} - System32\Tasks\DriverFinder => C:\Program Files (x86)\DriverFinder\DriverFinder.exe [2014-09-18] ()
    Task: {A4139C5D-0C49-4C64-B7AB-B77DB7FCC7FC} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WHomepageProtect.exe <==== UWAGA
    Task: {B8A9DCB8-F86F-46AE-885C-C76D75AFDB55} - System32\Tasks\Yahoo! Search Updater => C:\WINDOWS\system32\wscript.exe [2014-10-29] (Microsoft Corporation) <==== UWAGA
    Task: {BEB16BFD-A5E1-4F8B-B956-73840F5229E4} - System32\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-1 => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\PlusHD Cinema 2.1cV25.01-codedownloader.exe <==== UWAGA
    Task: {CC8598DC-9D61-4485-82BD-180CA8F2C749} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WRemoteUpdate.exe <==== UWAGA
    Task: {D7D740F8-7AAE-4BF1-A2A4-541732ADD3D7} - System32\Tasks\12bba012-4970-483b-91ec-0f2801ae17e5-10_user => C:\Program Files (x86)\GoHD\12bba012-4970-483b-91ec-0f2801ae17e5-10.exe <==== UWAGA
    Task: {E034F39D-DC7B-4EB1-8B8D-F43DED75D271} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-07-02] () <==== UWAGA
    Task: {E1D6C641-907E-47E9-9010-7728AF0E96CC} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-07-02] () <==== UWAGA
    Task: {F276F79D-05D9-4B9B-8FF0-0C98B3296DCE} - System32\Tasks\{057F0847-0579-7A7E-7E11-79790C08110A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
    Task: C:\WINDOWS\Tasks\12bba012-4970-483b-91ec-0f2801ae17e5-10_user.job => C:\Program Files (x86)\GoHD\12bba012-4970-483b-91ec-0f2801ae17e5-10.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-1.job => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\PlusHD Cinema 2.1cV25.01-codedownloader.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-11.job => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-11.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.job => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5_user.job => C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Optscan.job => c:\programdata\{7f4ff48b-d52d-bacd-7f4f-ff48bd52d22f}\hqghumeaylnlf.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\bogdan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ --start-fullscreen
    ShortcutWithArgument: C:\Users\bogdan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ --start-fullscreen
    C:\WINDOWS\System32\Tasks\psv_Newnimfix
    C:\WINDOWS\System32\Tasks\psv_RonTough
    C:\WINDOWS\System32\Tasks\psv_Techdox
    (Quick Ref) C:\Program Files (x86)\QuickRef_1.10.0.12\Service\qrsvc.exe
    () C:\Users\bogdan\AppData\Local\ConvertAd\CASrv.exe
    () C:\Program Files (x86)\ace race\updateacerace.exe
    () C:\Program Files (x86)\ace race\bin\utilacerace.exe
    () C:\Program Files (x86)\Przyspiesz Komputer\PCSUNotifier.exe
    () C:\Users\bogdan\AppData\Roaming\Gameo\gameo.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    () C:\Users\bogdan\AppData\Roaming\Gameo\gameo.exe
    () C:\Users\bogdan\AppData\Roaming\Gameo\gameo.exe
    () C:\Users\bogdan\AppData\Roaming\Gameo\gameo.exe
    HKLM-x32\...\Run: [rec_pl_97] => [X]
    HKLM-x32\...\Run: [rec_pl_137] => [X]
    HKLM-x32\...\Run: [rec_pl_145] => "C:\Program Files (x86)\rec_pl_145\rec_pl_145.exe"
    HKLM-x32\...\Run: [rec_pl_150] => [X]
    HKLM-x32\...\Run: [gmsd_pl_18] => [X]
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\Przyspiesz Komputer\PCSUNotifier.exe [342472 2014-12-10] ()
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\Run: [Gameo] => C:\Users\bogdan\AppData\Roaming\Gameo\gameo.exe [42482176 2015-07-04] ()
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\RunOnce: [Application Restart #4] => C:\Users\bogdan\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-cl (dane wartości zawierają 551 znaków więcej).
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\MountPoints2: {4423d27d-8587-11e5-8277-f0761c0c4511} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\MountPoints2: {60e32ae3-d46e-11e4-8264-f0761c0c4511} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\MountPoints2: {7b89ee1a-9693-11e4-8259-38b1db20e6e6} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\MountPoints2: {7b89ee4f-9693-11e4-8259-38b1db20e6e6} - "F:\AutoRun.exe"
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\...\MountPoints2: {be1ed92b-b15b-11e4-825e-f0761c0c4511} - "F:\AutoRun.exe"
    AppInit_DLLs: C:\ProgramData\Lightzap\S-lam.dll => Brak pliku
    AppInit_DLLs-x32: C:\ProgramData\Lightzap\Issailcore.dll => Brak pliku
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-15]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Hosts:
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&am...ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=85023&...96BBDFD6FB54323B7F293988&st=chrome&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts...mp;uid=ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts...mp;uid=ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&am...ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=85023&...96BBDFD6FB54323B7F293988&st=chrome&q=
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...J-EmnxQwhXPjJY0Eamk3EIshhTzA78nxOzeA,,&q={searchTerms}
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...amp;GUID=71AD40BC-3C18-4082-B2AB-AF4A6B903988
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts...mp;uid=ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=85023&...96BBDFD6FB54323B7F293988&st=chrome&q=
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...J-EmnxQwhXPjJY0Eamk3EIshhTzA78nxOzeA,,&q={searchTerms}
    HKU\S-1-5-21-2208908654-1141546653-3324333620-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...J-EmnxQwhXPjJY0Eamk3EIshhTzA78nxOzeA,,&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...J-EmnxQwhXPjJY0Eamk3EIshhTzA78nxOzeA,,&q={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&am...ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ&q={searchTerms}
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&am...ST500LT012-1DG142_W3P8CQEZXXXXW3P8CQEZ&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> {64C747B1-0381-44EA-850D-2986DAFBB44C} URL = hxxp://searchsimple-a.akamaihd.net/?affID=mt-is&q={searchTerms}&r=92
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> {86A146D3-3192-4D32-A280-0298C7974FB5} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.23.0.15&apn_uid=C5E9BDFB-C876-4F08-939D-AC756F3B1321&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=ie_11.0.9600.17416&doi=2015-01-07&trgb=IE&q={searchTerms}&psv=&pt=tb
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
    SearchScopes: HKU\S-1-5-21-2208908654-1141546653-3324333620-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...J-EmnxQwhXPjJY0Eamk3EIshhTzA78nxOzeA,,&q={searchTerms}
    BHO: PlusHD Cinema 2.1cV25.01 -> {11111111-1111-1111-1111-110611901165} -> C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\PlusHD Cinema 2.1cV25.01-bho64.dll [2015-01-26] (Plus HDV25.01)
    BHO: HomeTab -> {56e32636-e2b8-4b04-9a97-60581dd90f51} -> C:\Program Files\HomeTab\IE\HomeTab.dll => Brak pliku
    BHO-x32: PlusHD Cinema 2.1cV25.01 -> {11111111-1111-1111-1111-110611901165} -> C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01\PlusHD Cinema 2.1cV25.01-bho.dll [2015-01-26] (Plus HDV25.01)
    BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll => Brak pliku
    BHO-x32: HomeTab -> {56e32636-e2b8-4b04-9a97-60581dd90f51} -> C:\Program Files (x86)\HomeTab\IE\HomeTab.dll => Brak pliku
    BHO-x32: ace race 1.0.0.7 -> {68182220-3c75-49d9-a9c4-4093d3986279} -> C:\Program Files (x86)\ace race\aceraceBHO.dll [2015-01-28] (ace race)
    Toolbar: HKLM - HomeTab - {56e32636-e2b8-4b04-9a97-60581dd90f51} - C:\Program Files\HomeTab\IE\HomeTab.dll Brak pliku
    Toolbar: HKLM-x32 - HomeTab - {56e32636-e2b8-4b04-9a97-60581dd90f51} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll Brak pliku
    CHR Extension: (Google Docs) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Google Drive) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (bhmmomiinigofkjcapegjjndpbikblnp) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-01-30] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Hao123 Speed Dial) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgknaemoiakmnafpgmbglmkdfagljpd [2015-03-29] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Epic Soccer Barcelona) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kacgddpcndpmmpoepbdklplpfhlcgikn [2015-03-28] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (NewTab Connect Homepage) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio [2015-03-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (CommentBlocker) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkjhnbkeibefoijmacgnnkddlkkmjaf [2015-05-01] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Smart QrCode Generator) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfnbjbobhhoaekejilcmdkfomkndikho [2015-03-29] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Google Wallet) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Cricwaves) - C:\Users\bogdan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkedgpbfenekaceibcobmmgdbokmndm [2015-05-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR HKLM\...\Chrome\Extension: [coljhboelhlkbgaaolcngflenaggpeao] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [fcljdicbcnmfhekdcaobgbpjjifniemh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [kmedakdfngfmagjlndeckcbfcmidlbio] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [coljhboelhlkbgaaolcngflenaggpeao] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fcljdicbcnmfhekdcaobgbpjjifniemh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fdjkhamgopgokjmllcmpkiijndjeidcl] - C:\Users\bogdan\AppData\Local\Temp\twsfiles\trustedshopper.crx [2014-02-25]
    CHR HKLM-x32\...\Chrome\Extension: [kmedakdfngfmagjlndeckcbfcmidlbio] - hxxps://clients2.google.com/service/update2/crx
    OPR Extension: (PlusHD Cinema 2.1cV25.01) - C:\Users\bogdan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kcdeaofcapijfmeopimkgcepdpbdepnb [2015-01-26]
    OPR Extension: (ace race) - C:\Users\bogdan\AppData\Roaming\Opera Software\Opera Stable\Extensions\nofipaokfpfmoiijkdjolhcjhamjccgb [2015-04-22]
    R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [1622632 2015-01-26] ()
    R2 qrsvc_1.10.0.12; C:\Program Files (x86)\QuickRef_1.10.0.12\Service\qrsvc.exe [278592 2015-03-26] (Quick Ref)
    R2 serverca; C:\Users\bogdan\AppData\Local\ConvertAd\CASrv.exe [143872 2015-01-07] () [Brak podpisu cyfrowego]
    R2 Update ace race; C:\Program Files (x86)\ace race\updateacerace.exe [651992 2016-01-29] ()
    R2 Util ace race; C:\Program Files (x86)\ace race\bin\utilacerace.exe [651992 2016-01-29] ()
    S2 0289981449000664mcinstcleanup; C:\Users\bogdan\AppData\Local\Temp\028998~1.EXE -cleanup -nolog [X]
    R1 qrnfd_1_10_0_12; C:\Windows\System32\drivers\qrnfd_1_10_0_12.sys [58224 2015-03-26] (Quick Ref)
    R2 stdmfpam; C:\Program Files (x86)\HomeTab\stdmfpam.dll [67968 2015-01-29] ()
    R1 {56db9de0-c769-4563-8e82-7e39885bf1ad}Gw64; C:\Windows\System32\drivers\{56db9de0-c769-4563-8e82-7e39885bf1ad}Gw64.sys [48784 2015-01-25] (StdLib)
    R1 {7a11bc7a-fa65-4d5a-ade4-5a0d20eea01d}Gw64; C:\Windows\System32\drivers\{7a11bc7a-fa65-4d5a-ade4-5a0d20eea01d}Gw64.sys [48784 2015-02-04] (StdLib)
    R1 {7a11bc7a-fa65-4d5a-ade4-5a0d20eea01d}w64; C:\Windows\System32\drivers\{7a11bc7a-fa65-4d5a-ade4-5a0d20eea01d}w64.sys [48784 2015-07-21] (StdLib)
    R1 {ebf755a7-a244-4bc6-ac93-a366f9eccf49}Gw64; C:\Windows\System32\drivers\{ebf755a7-a244-4bc6-ac93-a366f9eccf49}Gw64.sys [48784 2015-02-02] (StdLib)
    R1 {f2944598-b89f-4e10-b544-5173761572df}Gw64; C:\Windows\System32\drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys [48784 2015-01-28] (StdLib)
    S1 cqjuvhmv; \??\C:\WINDOWS\system32\drivers\cqjuvhmv.sys [X]
    2016-01-29 17:44 - 2016-01-29 17:44 - 04810368 _____ ( ) C:\Users\bogdan\Desktop\setup_gmsd_en.exe
    2016-01-01 14:11 - 2016-01-01 14:11 - 00000000 ____D C:\Users\bogdan\AppData\Roaming\Soft-4-Free.com
    2016-01-01 14:08 - 2016-01-01 14:09 - 08324128 _____ (Soft-4-Free.com) C:\Users\bogdan\Downloads\Avast-Free-Antivirus_setup.exe
    2016-01-01 14:08 - 2016-01-01 14:09 - 08324128 _____ (Soft-4-Free.com) C:\Users\bogdan\Downloads\Avast-Free-Antivirus_setup (2).exe
    2016-01-01 14:08 - 2016-01-01 14:09 - 08324128 _____ (Soft-4-Free.com) C:\Users\bogdan\Downloads\Avast-Free-Antivirus_setup (1).exe
    2016-01-01 12:58 - 2016-01-01 12:58 - 00003598 _____ C:\WINDOWS\System32\Tasks\snp
    2016-01-01 12:58 - 2016-01-01 12:58 - 00003244 _____ C:\WINDOWS\System32\Tasks\snf
    2016-01-01 12:26 - 2016-01-01 12:26 - 00000000 ____D C:\Users\epodka1\AppData\Local\rec_pl_150
    2016-01-01 12:26 - 2016-01-01 12:26 - 00000000 ____D C:\Users\epodka1\AppData\Local\rec_pl_145
    2016-01-29 19:07 - 2015-12-26 19:50 - 00000000 ____D C:\Program Files (x86)\rec_pl_145
    2016-01-29 19:07 - 2015-11-05 22:49 - 00000000 ____D C:\Users\bogdan\AppData\Local\Gameo
    2016-01-29 19:07 - 2015-10-03 20:23 - 00003142 _____ C:\WINDOWS\System32\Tasks\FRAPS
    2016-01-29 19:07 - 2015-01-25 20:56 - 00000000 ____D C:\Program Files (x86)\ace race
    2016-01-29 19:06 - 2015-02-04 18:01 - 00002100 _____ C:\WINDOWS\Tasks\12bba012-4970-483b-91ec-0f2801ae17e5-10_user.job
    2016-01-29 19:06 - 2015-01-26 11:11 - 00003500 _____ C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-1.job
    2016-01-29 19:06 - 2015-01-26 11:11 - 00002474 _____ C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5_user.job
    2016-01-29 19:06 - 2015-01-26 11:11 - 00002474 _____ C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-5.job
    2016-01-29 19:06 - 2015-01-26 11:10 - 00005212 _____ C:\WINDOWS\Tasks\2ebcb731-8793-4c5a-bf96-b1beb9f80864-11.job
    2016-01-29 19:06 - 2015-01-26 11:10 - 00000000 ____D C:\Program Files (x86)\PlusHD Cinema 2.1cV25.01
    2016-01-29 19:06 - 2015-01-25 21:02 - 00000000 ____D C:\Program Files (x86)\HomeTab
    2016-01-29 19:04 - 2014-09-03 14:31 - 00004608 _____ C:\WINDOWS\system32\VfService.trf
    2016-01-29 19:03 - 2015-03-29 18:43 - 00000000 ____D C:\Program Files (x86)\freaedeliivery
    2016-01-29 19:03 - 2015-03-29 18:43 - 00000000 ____D C:\Program Files (x86)\FFree2oyou
    2016-01-29 19:03 - 2015-03-29 18:24 - 00000000 ____D C:\Program Files (x86)\oFfferrssoft
    2016-01-29 19:03 - 2015-03-29 18:23 - 00000000 ____D C:\Program Files (x86)\offeersoFtt
    2016-01-29 19:03 - 2015-03-28 21:54 - 00000000 ____D C:\Program Files (x86)\lowPriices
    2016-01-29 18:35 - 2015-02-04 18:01 - 00003090 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
    2016-01-29 18:27 - 2015-03-29 18:23 - 00000000 ____D C:\Program Files (x86)\cheAp4alol
    2016-01-29 18:27 - 2015-03-28 21:53 - 00000000 ____D C:\Program Files (x86)\burowseaonddshop
    2016-01-29 17:53 - 2015-11-05 22:48 - 00000000 ____D C:\Users\bogdan\AppData\Roaming\WarThunder
    2016-01-29 17:43 - 2015-08-24 10:43 - 00000362 _____ C:\WINDOWS\Tasks\Optscan.job
    2016-01-15 17:44 - 2015-01-07 20:37 - 00003890 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1420659417
    2016-01-01 15:02 - 2015-02-04 18:01 - 00000280 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
    2016-01-01 12:58 - 2015-11-05 22:52 - 00002377 _____ C:\WINDOWS\SysWOW64\findit.xml
    2015-01-07 20:38 - 2015-01-07 20:38 - 0613057 _____ (CMI Limited) C:\Users\bogdan\AppData\Local\nstF22.tmp
    EmptyTemp:

    In FRST, select Fix (Napraw).

    Remove everything that mbam detected.

    When done, post new FRST logs from a scan.
