Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Chrome i Yoursites123 z "kumplami" - jak usunąć?

arczi72 10 Sty 2016 19:47 744 6
  • #1 10 Sty 2016 19:47
    arczi72
    Poziom 8  

    Jak wielu innych, mam problem z yoursites123 i kumplami (tbsearch.ask.com, yoursearching). Naprawiałem to resetując ustawienia Chrome i czyszcząc system AdwCleanerem wydawało mi się, że wszystko gra (Chrome działa normalnie), jednak po uruchomieniu (Chrome) i późniejszym skanowaniu AdwCleaner zawsze coś znajduje.

    W załączniku raporty z AdwCleanera i pliki FRST.
    To jest 1 komputer, którego dotyczy ten problem.

    0 6
  • CControls
  • #2 10 Sty 2016 20:35
    krzychupar
    Poziom 40  

    Odinstaluj
    AVG PC TuneUp
    Java 7 Update 71
    Otwórz notatnik systemowy i wklej:
    Task: {1CCAD82F-28F2-4DBC-B259-4686F2849F1E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {43CF2D8E-F07D-428B-B49C-9699C11F60FC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {577105E4-5100-49BD-9395-EFF1F7E8CC98} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {66035F18-13BC-4112-87D1-8A06FD841F5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {6D8BC274-8019-4055-BC55-09D7F04F95C1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {7230879C-B31E-4F1C-BE95-F005BC588B9D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {BAF0C521-BEC7-475B-A45E-414B45645B60} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {C4327429-EB1A-4348-84DF-020549C1C985} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {CA8F06DA-A4DA-4D20-B36D-E85BB40C3D6B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {DBC3C269-9AE6-48F7-82FE-A21EEBF4DA11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {F8D9B0B1-57D5-4F7B-A680-70A1134A40FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"




    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\...\StartupApproved\Run: => "ThpSrv"
    HKLM\...\StartupApproved\Run: => "TPwrMain"
    HKLM\...\StartupApproved\Run: => "EvtMgr6"
    HKLM\...\StartupApproved\Run32: => "Adobe ARM"
    HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
    HKLM\...\StartupApproved\Run32: => "TOSDCR"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKU\S-1-5-21-455602408-429144425-2276812224-1001\...\StartupApproved\StartupFolder: => "Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk"
    HKU\S-1-5-21-455602408-429144425-2276812224-1001\...\StartupApproved\Run: => "IDMan"
    HKU\S-1-5-21-455602408-429144425-2276812224-1001\...\StartupApproved\Run: => "ISUSPM Startup"
    HKU\S-1-5-21-455602408-429144425-2276812224-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-455602408-429144425-2276812224-1001\...\RunOnce: [Uninstall C:\Users\Artur\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Artur\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
    IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\bip_camera1.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\bradminv3.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\btassist1.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\eccenter1.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\hwsetup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mspscan.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\mspview.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\pcdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\silverlight.configuration.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\tosbtmng.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\tosbtproc1.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\tospu.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\usrguide.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO\wirelessftp1.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    SearchScopes: HKU\S-1-5-21-455602408-429144425-2276812224-1001 -> {74B898C3-CE9E-43EB-8B86-8CF6B45365E0} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    IE Session Restore: HKU\S-1-5-21-455602408-429144425-2276812224-1001 -> [funkcja włączona]
    DPF: HKLM-x32 {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} hxxps://www.bph.pl/pi/components/bph/SignActivX.cab
    2016-01-08 18:54 - 2016-01-10 18:05 - 00000000 ____D C:\AdwCleaner

    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #4 10 Sty 2016 21:47
    krzychupar
    Poziom 40  

    Usuń ręcznie C:\FRST i C:\AdwCleaner i te trzy pliki podane w Adwcleaner i wtedy sprawdź.

    0
  • #7 11 Sty 2016 09:06
    arczi72
    Poziom 8  

    Zgadza się, ale rest Chrom niewiele da, jeżeli później nie odznaczymy pól, tak na załączonym wyżej zrzucie. W sytuacji, kiedy mamy jedno konto na kilku komputerach, to za każdym Chrom pobierze sobie dane z chmury i problem o którym pisałem ciągle powraca. Dzięki za pomoc, może moja uwaga komuś pomoże :).

    0