Problem z ładowaniem Facebook'a Windows 8

Kviki · 24 Marzec 2015 12:08

Witajcie,

Od pewnego czasu mam problem z ładowaniem się Facebooka. Strona albo nie ładuje się wcale albo ładuje się tylko cząstkowo. Podobną sytuację mam też na inncyh portalach informacyjnych gdzie jest dużo grafik oraz tekstu. Przeskanowałem system i usunąlem kilka malwarów ale nic to nie pomogło.

Poniżej wklejam linki do plików FRST oraz Addition

http://www.wklej.org/id/1670265/

http://www.wklej.org/id/1670264/

Z góry dzieki za pomoc

Adam

Atis · 24 Marzec 2015 16:58

Odinstaluj McAfee Security Scan Plus.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4047087620-4191685209-3508224715-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4047087620-4191685209-3508224715-1001\...\Run: [Udthmedia] => C:\Users\Adam Kwiek\AppData\Local\Udthmedia\tmp2E15.exe [135240 2015-03-22] ()
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AtBroker.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeviceProperties.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DWWIN.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\grpconv.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\label.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LocationNotifications.lnk
Startup: C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\srdelayed.lnk
SearchScopes: HKU\S-1-5-21-4047087620-4191685209-3508224715-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4047087620-4191685209-3508224715-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: System.Random - C:\Users\Adam Kwiek\AppData\Roaming\Mozilla\Firefox\Profiles\f6zcftps.default\Extensions\{4E6CC0FD-B320-B501-5347-27209A916E48} [2015-03-09]
FF Extension: Strong Signal - C:\Users\Adam Kwiek\AppData\Roaming\Mozilla\Firefox\Profiles\f6zcftps.default\Extensions\{70d7db02-623e-44ed-b5a4-769e869a9322}.xpi [2015-03-11]
FF HKU\S-1-5-21-4047087620-4191685209-3508224715-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
S3 hwusbfake; \SystemRoot\system32\DRIVERS\ewusbfake.sys [X]
S1 kvlfynyy; \??\C:\Windows\system32\drivers\kvlfynyy.sys [X]
S1 lpxhftuf; \??\C:\Windows\system32\drivers\lpxhftuf.sys [X]
U0 msahci; system32\drivers\msahci.sys
S1 qapbgqzp; \??\C:\Windows\system32\drivers\qapbgqzp.sys [X]
S1 reubejfu; \??\C:\Windows\system32\drivers\reubejfu.sys [X]
S1 ssfizgyo; \??\C:\Windows\system32\drivers\ssfizgyo.sys [X]
S1 thikmweb; \??\C:\Windows\system32\drivers\thikmweb.sys [X]
S1 vnkzmxcn; \??\C:\Windows\system32\drivers\vnkzmxcn.sys [X]
S1 vxjpecbi; \??\C:\Windows\system32\drivers\vxjpecbi.sys [X]
2015-03-18 15:56 - 2015-03-18 16:55 - 00000000 ____ D () C:\AdwCleaner
015-03-09 16:10 - 2015-03-22 21:06 - 00000000 ____ D () C:\Users\Adam Kwiek\AppData\Local\Udthmedia
2015-03-09 16:10 - 2015-03-15 21:40 - 00000000 ____ D () C:\Users\Adam Kwiek\AppData\Local\Ujpzmedia
2015-02-23 10:56 - 2015-02-23 10:57 - 00000000 ____ D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-07-30 10:16 - 2014-09-25 18:07 - 0000346 ___SH () C:\Users\Adam Kwiek\AppData\Local\70149b02515b3bb20dd492.47983420
2014-09-09 11:51 - 2014-09-09 11:51 - 0617277 _____ (ClickMeIn Limited) C:\Users\Adam Kwiek\AppData\Local\nsvF62E.tmp
2014-03-08 15:13 - 2014-03-08 15:13 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-03-08 15:12 - 2014-03-08 15:13 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2014-03-08 15:11 - 2014-03-08 15:12 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
C:\Windows\Tasks\{93B25E72-9BB0-483B-9A0E-AA558E1AD8B1}.job
Task: {3A6FA503-5C7B-453F-B31B-41C7660B05D6} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
Task: {6E86EAEC-5B7B-4236-BF79-DB6DB26DE916} - System32\Tasks\{93B25E72-9BB0-483B-9A0E-AA558E1AD8B1} => C:\Users\ADAMKW~1\AppData\Local\Temp\is-SJKL8.tmp\XRD Manager.exe <==== ATTENTION
Task: {83322123-B589-432A-BB1C-1ACD63E69E42} - System32\Tasks\srdelayed => C:\Users\Adam Kwiek\AppData\Roaming\Microsoft\Windows\IEUpdate\srdelayed.exe
Task: {881157C0-E8BD-4FE0-A0F2-73BFFD4E3254} - \AutoPico Daily Restart No Task File <==== ATTENTION
Task: {8EE14E5D-DA4A-4E82-A822-5FACA49A67CD} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {BE60EC88-A400-4BBE-BF25-835D38982E1E} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: C:\Windows\Tasks\{93B25E72-9BB0-483B-9A0E-AA558E1AD8B1}.job => C:\Users\ADAMKW~1\AppData\Local\Temp\is-SJKL8.tmp\XRD Manager.exe/exenoupdates /exelang 1045 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE D:\ TRANSFORMS=:1045 AI_PREREQFILES=C:\Users\ADAMKW~1\AppData\Local\Temp\{93B25E72-9BB0-483B-9A0E-AA558E1AD8B1}\drivers64.msi AI_PREREQDIRS=C:\Users\ADAMKW~1\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\ADAMKW~1\AppData\Local\Temp\is-SJKL8.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\ADAMKW~1\AppData\Local\Temp\is-SJKL8.tmp <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

Kviki · 24 Marzec 2015 17:56

Poniżej logi:

http://wklej.org/id/1670556/ - fixlog

http://wklej.org/id/1670564/ - FRST

I do tego po ponownym uruchomieniu komputera dostałem taki komunikat:

Atis · 24 Marzec 2015 22:49

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{022c570a-dc82-48e2-9e18-5c7b4739ed95} <======= ATTENTION (Policy Restriction on IP)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
HKU\S-1-5-21-4047087620-4191685209-3508224715-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
HKU\S-1-5-21-4047087620-4191685209-3508224715-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.<HTML><HEAD><TITLE> Web Authentication Redirect</TITLE><META http-equiv="Cache-control" content="no-cache"><META http-equiv="Pragma" content="no-cache"><META http-equiv="Expires" content="-1"><META http-equiv="refresh" content="1; URL=https://wifiguest-pl.D???.com/?type=hppp&ts=1420404331&from=cor&uid=HGSTXHTS721075A9E630_JR12006QG0KLHEG0KLHEX
FF Plugin-x32: adobe.com/AdobeExManDetect -> F:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
2015-01-07 15:43 - 2015-01-07 15:43 - 0000268 ___RH () C:\Users\Adam Kwiek\AppData\Roaming\manual
2014-10-05 19:23 - 2015-03-11 10:22 - 0000549 _____() C:\Users\Adam Kwiek\AppData\Roaming\__AvidCloudManager.log
2014-10-05 19:23 - 2015-02-13 12:23 - 0000904 _____() C:\Users\Adam Kwiek\AppData\Roaming\__AvidCloudManagerPrevious.log
C:\ProgramData\Microsoft\Security
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.