Recurring problem

Everything concerning system security and the fight against malware, in particular log analysis
heisenberg03

User

Posts: 21
Registered: 02 Dec 2014, 17:03

Recurring problem

Posted 20 Jan 2015, 19:19

Hello,
A few weeks ago I had a problem with my computer; everything worked fine after it was fixed, and now I have the same problem again: bezpieczenstwo/bardzo-wolno-dzialajacy-laptop-strony-internetowe-t32302.html

I am posting the current logs:
[link visible only to registered users]
[link visible only to registered users]
[link visible only to registered users]

Regards

djarta

Global Moderator
Posts: 5854
Registered: 26 Dec 2008, 17:15
Location: Białystok

Recurring problem

Posted 21 Jan 2015, 09:57

1. Open Notepad and paste:
CloseProcesses:
R1 {11ae8de1-edc8-48db-89f9-6fe01ea64977}Gw; C:\Windows\System32\drivers\{11ae8de1-edc8-48db-89f9-6fe01ea64977}Gw.sys [43160 2015-01-11] (StdLib)
R1 {3ccdf8a3-c4bd-43a9-8881-19acc521372a}Gw; C:\Windows\System32\drivers\{3ccdf8a3-c4bd-43a9-8881-19acc521372a}Gw.sys [43160 2015-01-14] (StdLib)
R1 {9664e2fb-2479-4d9b-8d32-25d1e0f46b03}Gw; C:\Windows\System32\drivers\{9664e2fb-2479-4d9b-8d32-25d1e0f46b03}Gw.sys [43160 2015-01-17] (StdLib)
R2 SPDRIVER_1473.0.0.0; C:\Program Files\ShopperPro\JSDriver\1473.0.0.0\jsdrv.sys [41320 2015-01-15] ()
C:\Program Files\ShopperPro
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-15] (SysTool PasSame LIMITED) [File not signed]
R2 Update Reverse Page; C:\Program Files\Reverse Page\updateReversePage.exe [529656 2015-01-20] ()
R2 Util Reverse Page; C:\Program Files\Reverse Page\bin\utilReversePage.exe [529656 2015-01-20] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6079848 2015-01-14] (Reimage®)
R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158864 2015-01-08] (XTab system)
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaadgepjkdffhjbkfjgnnffnfcffbg.crx [2015-01-16]
C:\Users\Perek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkpckdjkmmgflnghjdokniaakigbfofa
C:\Users\Perek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndhjghaemchoegbhdbaokppddnoieif
C:\Users\Perek\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
C:\Users\Perek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp& ... PJEGAUPJEX
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1421355967&from=pcs&uid=HitachiXHTS547564A9E384_J25N0054GAUPJEGAUPJEX"
CHR DefaultSearchKeyword: Default -> omiga-plus
AutoConfigURL: [S-1-5-21-214469192-3729643725-152540026-1000] => file://C:\Program Files\Reverse Page\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link visible only to registered users]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link visible only to registered users]{searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link visible only to registered users]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link visible only to registered users]{searchTerms}
HKU\S-1-5-21-214469192-3729643725-152540026-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [link visible only to registered users]
HKU\S-1-5-21-214469192-3729643725-152540026-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link visible only to registered users]
URLSearchHook: [S-1-5-21-214469192-3729643725-152540026-1000] ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = [link visible only to registered users]{searchTerms}&a=tpl_idaddy2_15_02&cd=2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtDyCyB0Ezzzzzzzz0DzytN0D0Tzu0StCtCtDyCtN1L2XzutAtFyCtFyCtFtDtN1L1Czu2Z1E1I1V1L1Q1T1Q1Q2UtBtN1L1G1B1V1N2Y1L1Qzu2SyEyDtDtAzz0A0FtCtGtAtDzyyDtG0EyDyB0DtGtA0F0F0EtGtCtDyC0B0E0EyDzzyD0Fzz0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDyByDtAtA0AyCtGtC0C0ByDtGyE0EtDyCtG0B0DtCtBtG0EtAyB0C0BtA0DzzzytA0Azy2Q&cr=1613293932&ir=
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [link visible only to registered users]{searchTerms}&a=tpl_idaddy2_15_02&cd=2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtDyCyB0Ezzzzzzzz0DzytN0D0Tzu0StCtCtDyCtN1L2XzutAtFyCtFyCtFtDtN1L1Czu2Z1E1I1V1L1Q1T1Q1Q2UtBtN1L1G1B1V1N2Y1L1Qzu2StAtBtC0Dzz0DzztDtGyE0FtC0BtGzzzyyC0AtGyByE0D0CtGtD0Dzz0Dzz0BtDyCzyyByE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDyByDtAtA0AyCtGtC0C0ByDtGyE0EtDyCtG0B0DtCtBtG0EtAyB0C0BtA0DzzzytA0Azy2Q&cr=782774570&ir=
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = [link visible only to registered users]{searchTerms}
SearchScopes: HKU\S-1-5-21-214469192-3729643725-152540026-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = [link visible only to registered users]{searchTerms}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-214469192-3729643725-152540026-1000\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1473.0.0.0\jsdrv.exe [3224576 2015-01-15] ()
HKU\S-1-5-21-214469192-3729643725-152540026-1000\...\MountPoints2: {7ab2a8f1-9776-11e2-9c10-6c626d2b98fd} - G:\autorun.exe
HKU\S-1-5-21-214469192-3729643725-152540026-1001\...\Run: [ROC_JAN2013_TB] => "C:\Program Files\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
AppInit_DLLs: C:/PROGRA~2/{4C8EA~1/dani.dll => C:/PROGRA~2/{4C8EA~1/dani.dll [634880 2014-12-22] ()
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1938840 2015-01-15] (APN)
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro\JSDriver\1473.0.0.0\jsdrv.exe [3224576 2015-01-15] ()
C:/PROGRA~2/{4C8EA~1
2015-01-17 17:20 - 2015-01-17 17:20 - 00007421 _____ () C:\Windows\system32\ScanResults.xml
2015-01-17 16:36 - 2015-01-17 16:36 - 00000000 ____D () C:\Users\Perek\AppData\Local\AskPartnerNetwork
2015-01-17 16:35 - 2015-01-17 16:35 - 00662424 _____ (Ask Partner Network) C:\Users\Perek\Documents\APNSetup.exe
2015-01-17 16:35 - 2015-01-17 16:35 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2015-01-17 16:35 - 2015-01-17 16:35 - 00000000 ____D () C:\ProgramData\APN
2015-01-17 16:35 - 2015-01-17 16:35 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
2015-01-17 16:21 - 2015-01-17 06:34 - 00043160 _____ (StdLib) C:\Windows\system32\Drivers\{9664e2fb-2479-4d9b-8d32-25d1e0f46b03}Gw.sys
2015-01-15 21:06 - 2015-01-15 21:23 - 00000000 ____D () C:\ProgramData\MailUpdate
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Users\Perek\AppData\Roaming\omiga-plus
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Users\Perek\AppData\Roaming\MailUpdate
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Program Files\XTab
2015-01-15 20:54 - 2015-01-15 20:54 - 00001093 _____ () C:\Users\Perek\Desktop\Continue Live Installation.lnk
2015-01-15 18:44 - 2015-01-15 18:44 - 00000000 ____D () C:\Users\Perek\Documents\DoctorPC
2015-01-15 18:44 - 2015-01-15 18:44 - 00000000 ____D () C:\Users\Perek\AppData\Local\Doctor_PC
2015-01-15 18:43 - 2015-01-15 18:43 - 05028808 _____ (Doctor PC) C:\Users\Perek\Desktop\Setup_product_24735.exe
2015-01-15 18:43 - 2015-01-15 18:43 - 00000000 ____D () C:\Program Files\Search Extensions
2015-01-15 18:41 - 2015-01-15 18:41 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-15 18:41 - 2015-01-15 18:41 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-15 18:41 - 2015-01-15 18:41 - 00000000 ____D () C:\Program Files\ShopperPro
2015-01-15 18:40 - 2015-01-15 18:43 - 00000000 ____D () C:\Users\Perek\Documents\ProPCCleaner
2015-01-15 18:40 - 2015-01-15 18:40 - 00000000 ____D () C:\Users\Perek\AppData\Local\Pro_PC_Cleaner
2015-01-15 18:40 - 2015-01-15 18:40 - 00000000 ____D () C:\Users\Perek\AppData\Local\CrashRpt
2015-01-14 21:57 - 2015-01-14 13:35 - 00043160 _____ (StdLib) C:\Windows\system32\Drivers\{3ccdf8a3-c4bd-43a9-8881-19acc521372a}Gw.sys
2015-01-13 18:14 - 2015-01-13 18:14 - 00243664 _____ () C:\Users\Perek\Downloads\Firefox Setup Stub 35.0.exe
2015-01-11 19:23 - 2015-01-11 07:26 - 00043160 _____ (StdLib) C:\Windows\system32\Drivers\{11ae8de1-edc8-48db-89f9-6fe01ea64977}Gw.sys
2015-01-11 19:17 - 2015-01-11 19:17 - 00000000 ____D () C:\Program Files\WSE_Taplika
2015-01-11 19:16 - 2015-01-20 17:36 - 00000000 ____D () C:\Program Files\Reverse Page
2015-01-11 19:15 - 2015-01-16 07:49 - 00000000 ____D () C:\Program Files\globalUpdate
2015-01-11 19:15 - 2015-01-15 18:39 - 00000000 ____D () C:\Program Files\TheHDvid-Codec C+
2015-01-11 19:15 - 2015-01-11 19:15 - 00000000 ____D () C:\Users\Perek\AppData\Local\globalUpdate
2014-12-30 18:27 - 2015-01-17 17:17 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-12-28 18:33 - 2014-12-28 18:33 - 00076224 _____ () C:\Users\Perek\Downloads\FLVPlayer-Chrome.exe
2014-12-22 16:21 - 2014-12-22 16:21 - 00000000 ____D () C:\Users\Perek\Documents\Temp
2014-12-22 16:21 - 2014-12-22 16:21 - 00000000 ____D () C:\Users\Perek\AppData\Roaming\AnvSoft
2014-12-22 15:24 - 2015-01-14 16:13 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-12-22 15:24 - 2014-12-27 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-12-22 15:24 - 2014-12-22 15:24 - 00002014 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-12-22 15:23 - 2015-01-14 16:13 - 00000099 _____ () C:\Windows\Reimage.ini
2014-12-22 15:23 - 2014-12-27 12:51 - 00000000 ____D () C:\ProgramData\{4C8EA44D-1C0C-75CB-AD8A-05497D08D6C7}
2014-12-22 15:23 - 2014-12-27 12:50 - 00000000 ____D () C:\Program Files\WSE_Vosteran
2014-12-22 15:23 - 2014-12-22 15:24 - 00000000 ____D () C:\rei
2014-12-22 15:23 - 2014-12-22 15:24 - 00000000 ____D () C:\Program Files\Reimage
2014-12-22 15:23 - 2014-12-22 15:23 - 07725608 _____ (Alcohol Soft Development Team) C:\Users\Perek\Downloads\Alcohol120_FE_2.0.3.6951.exe
2014-12-22 15:23 - 2014-12-22 15:23 - 00000000 ____D () C:\Users\Perek\AppData\Roaming\WSE_Vosteran
2014-12-22 15:21 - 2014-12-22 15:21 - 00762432 _____ ( ) C:\Users\Perek\Downloads\pobierz_Alcohol_FE.exe
2014-09-01 08:18 - 2014-09-01 08:18 - 0002086 _____ () C:\Users\Perek\AppData\Roaming\AK
2014-09-01 08:18 - 2014-09-01 08:18 - 0001248 _____ () C:\Users\Perek\AppData\Roaming\ELGJJRO
Task: {0C826767-E8F0-4233-BCD0-C274C90592B7} - System32\Tasks\{B25EA380-07B2-45D6-A8B2-B418412B3C1B} => pcalua.exe -a C:\Users\Perek\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {17366593-FA61-4369-9BFC-2AE8F2227270} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-214469192-3729643725-152540026-1000Core => C:\Users\Perek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {31AE38C1-BCFF-4F27-B92F-C57C53E72A37} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {3FCC291A-68BE-4EC6-BC5A-44DBD7030367} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {4E524C52-B194-403C-88D3-3F63C9D9F83E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {4ECD4225-46ED-4ED9-864B-C2043B22C3BF} - System32\Tasks\SPDriver => C:\Program Files\ShopperPro\JSDriver\1473.0.0.0\jsdrv.exe [2015-01-15] () <==== ATTENTION
Task: {51E77D80-D269-4210-9B60-223F7D6772A7} - System32\Tasks\{2D09B206-0372-4BD3-894D-A0759514B8E9} => pcalua.exe -a C:\Users\Perek\AppData\Local\Temp\$PowerISO$\Setup.exe -d "C:\Users\Perek\Downloads\The Sting"
Task: {61902E4F-B4CB-46FA-84E1-04915248858B} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {6CC425B0-A74F-496B-B28D-05A4FE64631B} - System32\Tasks\YTDownloader => C:\Program Files\YTDownloader\YTDownloader.exe [2015-01-13] (YTDownloader) <==== ATTENTION
Task: {7191D1DB-2FF4-4908-AC1F-55E6F91DA4EE} - System32\Tasks\ShopperPro => C:\Program Files\ShopperPro\ShopperPro.exe [2015-01-15] (Goobzo LTD) <==== ATTENTION
Task: {8AB7ACC3-9BAF-4297-9F32-9106D410BCD5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8F40A9E1-BBD0-4D39-AF8C-F9D2C233ACC4} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe
Task: {A9B71345-77EE-4EE9-9751-A5DC8A14EC63} - System32\Tasks\ShopperProJSUpd => C:\Program Files\ShopperPro\updater.exe [2015-01-15] (Goobzo) <==== ATTENTION
Task: {AC1942B2-AC18-4B1C-B6CD-68FB828780DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-214469192-3729643725-152540026-1000UA => C:\Users\Perek\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {AE9D471E-48EE-4154-BFE8-2D21A9C5E540} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe
Task: {AFEDCDF7-C48C-449F-9936-658C5A52D926} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {D33CA95D-AC75-43B3-8E5B-4747D7B5E4F4} - System32\Tasks\DoctorPC_Start => C:\Program Files\Doctor PC\DoctorPC.exe
Task: {D576EDB0-6C2A-4492-99A5-0D2BAE8B0EAC} - System32\Tasks\YTDownloaderUpd => C:\Program Files\YTDownloader\updater.exe [2015-01-13] (Goobzo) <==== ATTENTION
Task: {D64E9190-C799-499E-926B-056166DD5062} - System32\Tasks\DoctorPC_Popup => C:\Program Files\Doctor PC\Splash.exe
Task: {E8750239-F2E2-4342-86A8-6B7EFD16408D} - System32\Tasks\RocketTab Update Task => C:\Program Files\Search Extensions\uninstall.exe [2015-01-15] () <==== ATTENTION
Task: {E91620FD-DA1A-4AA3-9A54-95F69F101888} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {EE0A1A44-9F71-4C42-B035-485ECD525842} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{29338A4E-EA7B-C60B-E375-0A0639D4CE92}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{343AAE16-A167-0F63-19E2-7E08693A5A98}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Perek\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{56CBD3CF-BF99-4DF5-851F-F5B9B57496A1}\InprocServer32 -> C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\perftrack.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Perek\AppData\Local\Google\Chrome\Application\39.0.2171.71\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Perek\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Perek\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Perek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Perek\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\UpdatusUser\Downloads\BESTplayer.exe No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Perek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Perek\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{29338A4E-EA7B-C60B-E375-0A0639D4CE92}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{343AAE16-A167-0F63-19E2-7E08693A5A98}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{56CBD3CF-BF99-4DF5-851F-F5B9B57496A1}\InprocServer32 -> C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\perftrack.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Chrome\Application\21.0.1180.83\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
Emptytemp:

Save the file as fixlist.txt and put it next to the FRST tool. Run FRST and click Fix.

2. Uninstall: Buzzdock / FLVPlayer / omiga-plus uninstall / Reverse Page / RocketTab / Search App by Ask / Shopper-Pro

3. Use [link visible only to registered users]
first click SCAN, and only when the scan has finished and the REMOVE button becomes active, click that.
Show its report: C:\AdwCleaner\AdwCleaner[S].txt

4. Run [link visible only to registered users]. Press any key and wait until the operation finishes. (NOTE: while downloading, programs may flag it as a threat; please ignore that.) Show the report.

5. Generate and paste new FRST logs.


djarta

Global Moderator
Posts: 5854
Registered: 26 Dec 2008, 17:15
Location: Białystok

Recurring problem

Posted 23 Jan 2015, 12:22

1. Open Notepad and paste:
CloseProcesses:
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin No File
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Users\Perek\AppData\Roaming\Mozilla\Firefox\Profiles\kl9gwzk2.default\extensions\{11ae8de1-edc8-48db-89f9-6fe01ea64977}.xpi
URLSearchHook: [S-1-5-21-214469192-3729643725-152540026-1000] ATTENTION ==> Default URLSearchHook is missing.
HKU\S-1-5-21-214469192-3729643725-152540026-1001\...\Run: [ROC_JAN2013_TB] => "C:\Program Files\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\UpdatusUser\Downloads\BESTplayer.exe No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Perek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Perek\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{29338A4E-EA7B-C60B-E375-0A0639D4CE92}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{343AAE16-A167-0F63-19E2-7E08693A5A98}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{56CBD3CF-BF99-4DF5-851F-F5B9B57496A1}\InprocServer32 -> C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\perftrack.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Chrome\Application\21.0.1180.83\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Perek\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

Save the file as fixlist.txt and put it next to the FRST tool. Run FRST and click Fix.

2. Do everything from this topic: Kroki kończące temat (Steps to close the topic).
At the end, show: the DelFix report and the report from a full Malwarebytes scan
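Both fix lists in this thread work the same way: lines from the FRST log are pasted back verbatim between CloseProcesses: and Emptytemp:, and FRST removes the services, drivers, files, registry values and tasks they name. The moderator picked those lines by hand. The Python below is an added example, not code from this thread or from FRST, showing how a first triage pass over such a log can be automated: it flags the persistence patterns visible in the first fix list (GUID-named kernel drivers with a generic publisher, running services whose binary is unsigned, AppInit_DLLs, a file:// proxy auto-config script, Chrome policy locks, scheduled tasks routed through pcalua.exe, rundll32 or cmd.exe, FRST's own ATTENTION marks) and the "No File" orphans cleaned up in the second fix list, then drafts a fix list for human review. The rule names and regexes are this example's own heuristics, and SAMPLE_LOG is constructed from lines copied out of the two posts plus three benign entries that must not fire.

```python
"""Triage helper for FRST (Farbar Recovery Scan Tool) log lines.

Added example for this thread; it is not part of FRST and not code from
the forum. The sample lines are copied from the two fix lists in the
thread; the scoring rules are this example's own heuristics, not FRST's.
"""
import re

HEX_GUID = r"\{[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\}"

# (rule name, compiled pattern, why a practitioner cares). Matching is case-insensitive.
RULES = [
    ("guid-named-driver",
     re.compile(r"^R[0-3] " + HEX_GUID + r"Gw; .*\\drivers\\", re.I),
     "kernel driver named after a GUID; the three in this thread share size and publisher"),
    ("unsigned-service",
     re.compile(r"^R[0-3] .*(\(\)|\[File not signed\])\s*$", re.I),
     "running service/driver whose binary has no publisher or no valid signature"),
    ("appinit-dll",
     re.compile(r"^AppInit_DLLs: \S", re.I),
     "AppInit_DLLs loads the DLL into every process that links user32.dll"),
    ("pac-file-proxy",
     re.compile(r"^AutoConfigURL: .*=> file://", re.I),
     "proxy auto-config script from a local file can redirect all browser traffic"),
    ("browser-policy-lock",
     re.compile(r"Policy restriction|Group Policy on Chrome", re.I),
     "Chrome policy keys pin the hijacked search/home page against user changes"),
    ("task-lolbin",
     re.compile(r"^Task: .*=> (pcalua\.exe|Rundll32\.exe|cmd\.exe)", re.I),
     "scheduled task that launches its payload through a signed Windows binary"),
    ("frst-attention",
     re.compile(r"<=+ ATTENTION|ATTENTION ==>", re.I),
     "flagged by FRST's own checks"),
    ("orphan-no-file",
     re.compile(r"\bNo File\s*$", re.I),
     "registration points at a file that no longer exists (left-over, or a hijackable path)"),
]


def triage(lines):
    """Return [(line, [rule names])] for every line that hits at least one rule."""
    hits = []
    for raw in lines:
        line = raw.rstrip()
        names = [name for name, pattern, _ in RULES if pattern.search(line)]
        if names:
            hits.append((line, names))
    return hits


def summarize(lines):
    """Per-rule hit counts: a quick view of which persistence layers are in play."""
    counts = {name: 0 for name, _, _ in RULES}
    for _, names in triage(lines):
        for name in names:
            counts[name] += 1
    return counts


def build_fixlist(lines):
    """Draft an FRST fixlist in the shape used in this thread: the flagged log
    lines copied verbatim between CloseProcesses: and Emptytemp:.
    Review it by hand before clicking Fix; these rules are heuristics only."""
    body = [line for line, _ in triage(lines)]
    return "\n".join(["CloseProcesses:", *body, "Emptytemp:"])


# Constructed sample: lines copied from the fix lists in this thread, plus three
# benign entries (Sc.exe task, Google Update task, ole32.dll CLSID) that must not fire.
SAMPLE_LOG = r"""
R1 {11ae8de1-edc8-48db-89f9-6fe01ea64977}Gw; C:\Windows\System32\drivers\{11ae8de1-edc8-48db-89f9-6fe01ea64977}Gw.sys [43160 2015-01-11] (StdLib)
R2 SPDRIVER_1473.0.0.0; C:\Program Files\ShopperPro\JSDriver\1473.0.0.0\jsdrv.sys [41320 2015-01-15] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-15] (SysTool PasSame LIMITED) [File not signed]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6079848 2015-01-14] (Reimage®)
AutoConfigURL: [S-1-5-21-214469192-3729643725-152540026-1000] => file://C:\Program Files\Reverse Page\bin\Pac9064.js
AppInit_DLLs: C:/PROGRA~2/{4C8EA~1/dani.dll => C:/PROGRA~2/{4C8EA~1/dani.dll [634880 2014-12-22] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Task: {0C826767-E8F0-4233-BCD0-C274C90592B7} - System32\Tasks\{B25EA380-07B2-45D6-A8B2-B418412B3C1B} => pcalua.exe -a C:\Users\Perek\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {8AB7ACC3-9BAF-4297-9F32-9106D410BCD5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AFEDCDF7-C48C-449F-9936-658C5A52D926} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\UpdatusUser\Downloads\BESTplayer.exe No File
CustomCLSID: HKU\S-1-5-21-214469192-3729643725-152540026-1001_Classes\CLSID\{29338A4E-EA7B-C60B-E375-0A0639D4CE92}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin No File
""".strip().splitlines()


if __name__ == "__main__":
    for line, names in triage(SAMPLE_LOG):
        print(f"{','.join(names):40s} {line[:90]}")
    print(summarize(SAMPLE_LOG))
```

Note what the rules do not catch: the ReiGuard.exe service is signed by its vendor and passes every rule here, yet the moderator still removed it, because Reimage-style "PC repair" tools are judged on behaviour, not on signature status. Signature and naming heuristics narrow the log down; the decision of what goes into fixlist.txt still belongs to the person reading it.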


djarta

Global Moderator
Posts: 5854
Registered: 26 Dec 2008, 17:15
Location: Białystok

Recurring problem

Posted 24 Jan 2015, 09:17

Those two bits of junk are to be removed.


